 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.64069 |
| Category: | Red Hat Local Security Checks |
| Title: | RedHat Security Advisory RHSA-2009:1082 |
| Summary: | The remote host is missing updates announced in;advisory RHSA-2009:1082.;;The Common UNIX Printing System (CUPS) provides a portable printing layer;for UNIX operating systems. The Internet Printing Protocol (IPP) allows;users to print and manage printing-related tasks over a network.;;A NULL pointer dereference flaw was found in the CUPS IPP routine, used for;processing incoming IPP requests for the CUPS scheduler. An attacker could;use this flaw to send specially-crafted IPP requests that would crash the;cupsd daemon. (CVE-2009-0949);;Red Hat would like to thank Anibal Sacco from Core Security Technologies;for reporting this issue.;;Users of cups are advised to upgrade to these updated packages, which;contain a backported patch to correct this issue. After installing this;update, the cupsd daemon will be restarted automatically. |
| Description: | Summary: The remote host is missing updates announced in advisory RHSA-2009:1082. The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. The Internet Printing Protocol (IPP) allows users to print and manage printing-related tasks over a network. A NULL pointer dereference flaw was found in the CUPS IPP routine, used for processing incoming IPP requests for the CUPS scheduler. An attacker could use this flaw to send specially-crafted IPP requests that would crash the cupsd daemon. (CVE-2009-0949) Red Hat would like to thank Anibal Sacco from Core Security Technologies for reporting this issue. Users of cups are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the cupsd daemon will be restarted automatically. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-0949 http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html BugTraq ID: 35169 http://www.securityfocus.com/bid/35169 Bugtraq: 20090602 CORE-2009-0420 - Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504032/100/0/threaded Debian Security Information: DSA-1811 (Google Search) http://www.debian.org/security/2009/dsa-1811 http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631 http://www.redhat.com/support/errata/RHSA-2009-1082.html http://www.redhat.com/support/errata/RHSA-2009-1083.html http://securitytracker.com/id?1022321 http://secunia.com/advisories/35322 http://secunia.com/advisories/35328 http://secunia.com/advisories/35340 http://secunia.com/advisories/35342 http://secunia.com/advisories/35685 http://secunia.com/advisories/36701 SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://www.ubuntu.com/usn/USN-780-1 XForce ISS Database: apple-cups-ipptag-dos(50926) https://exchange.xforce.ibmcloud.com/vulnerabilities/50926 |
| Copyright | Copyright (C) 2009 E-Soft Inc. |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |