openSUSE Security Update : cups (cups-232)

Critical Nessus Plugin ID 39941


The remote openSUSE host is missing a security update.


Specially crafted print jobs could trigger buffer overflows in the 'imagetops', 'texttops' and 'hpgltops' filters. Attackers could potentially exploit that to execute arbitrary code on the cups server (CVE-2008-3639, CVE-2008-3640, CVE-2008-3641).


Update the affected cups packages.

See Also

Plugin Details

Severity: Critical

ID: 39941

File Name: suse_11_0_cups-081002.nasl

Version: $Revision: 1.11 $

Type: local

Agent: unix

Published: 2009/07/21

Modified: 2016/12/21

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:cups, p-cpe:/a:novell:opensuse:cups-client, p-cpe:/a:novell:opensuse:cups-devel, p-cpe:/a:novell:opensuse:cups-libs, p-cpe:/a:novell:opensuse:cups-libs-32bit, cpe:/o:novell:opensuse:11.0

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2008/10/02

Exploitable With

Core Impact

Reference Information

CVE: CVE-2008-3639, CVE-2008-3640, CVE-2008-3641

CWE: 119, 189, 399