Scientific Linux Security Update : cups on SL3.x i386/x86_64
Medium Nessus Plugin ID 60567
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionAn integer overflow flaw, leading to a heap-based buffer overflow, was discovered in the Tagged Image File Format (TIFF) decoding routines used by the CUPS image-converting filters, 'imagetops' and 'imagetoraster'. An attacker could create a malicious TIFF file that could, potentially, execute arbitrary code as the 'lp' user if the file was printed. (CVE-2009-0163)
After installing the update, the cupsd daemon will be restarted automatically.
SolutionUpdate the affected cups, cups-devel and / or cups-libs packages.