Scientific Linux Security Update : cups on SL5.x i386/x86_64
Medium Nessus Plugin ID 60743
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionCVE-2010-0302 cups Incomplete fix for CVE-2009-3553
It was discovered that the cups 1.3.7-11.el5_4.4 security update did not fully correct the use-after-free flaw in the way CUPS handled references in its file descriptors-handling interface. A remote attacker could send specially crafted queries to the CUPS server, causing it to crash. (CVE-2010-0302)
After installing the update, the cupsd daemon will be restarted automatically.
SolutionUpdate the affected packages.