Slackware 12.0 / current : cups (SSA:2008-094-01)

High Nessus Plugin ID 31740

Synopsis

The remote Slackware host is missing a security update.

Description

New cups packages are available for Slackware 12.0, and -current to fix security issues. The change from CUPS 1.2.x to CUPS 1.3.x was tested here, but if you're on a completely secured internal network these issues may be less of a risk than upgrading. If your IPP port is open to the internet, you'd be advised to upgrade as soon as possible (or firewall the port at the gateway if you're not in need of printer jobs coming in from the internet).

Solution

Update the affected cups package.

See Also

http://www.nessus.org/u?93a345b8

Plugin Details

Severity: High

ID: 31740

File Name: Slackware_SSA_2008-094-01.nasl

Version: Revision: 1.13

Type: local

Published: 2008/04/04

Updated: 2015/03/30

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:cups, cpe:/o:slackware:slackware_linux, cpe:/o:slackware:slackware_linux:12.0

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2008/04/03

Reference Information

CVE: CVE-2008-0047, CVE-2008-1373

BID: 28307, 28544

SSA: 2008-094-01

CWE: 119