正文

CUPS UDP数据包远程服务拒绝漏洞

admin
admin V管理员 /0 评论 /7 阅读
1231
此篇文章发布距今已超过1236天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

CUPS UDP数据包远程服务拒绝漏洞

  • CNNVD编号:CNNVD-200409-082
    • <!--
  • 危害等级: 中危-->
  • 危害等级: 中危
  • CVE编号: CVE-2004-0558
  • 漏洞类型: 其他
  • 发布时间: 2004-09-28
  • 威胁类型: 远程
  • 更新时间: 2010-02-24
  • 厂        商: easy_software_products
  • 漏洞来源: Discovery of this ...

漏洞简介

CUPS 1.1.21之前版本中的Internet Printing Protocol(IPP)的安装启用存在漏洞。远程攻击者可以借助某个IPP端口的UDP数据包导致服务拒绝(服务挂起)。

漏洞公告

SuSE has released advisory SUSE-SA:2004:031 to address this issue. Please see the attached advisory for information on obtaining and applying fixes. ALT Linux have released an update to address this issue. Red Hat has released advisory RHSA-2004:449-17 and fixes to address this issue on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information. Debian has released advisory DSA 545-1 to address this issue. Please see the attached advisory for further information on obtaining and applying fixes. Mandrake has released advisory MDKSA-2004:097 to address this issue. Please see the attached advisory for further information on obtaining and applying fixes. CUPS 1.1.21 has been released to address this issue. A vendor patch for version 1.2.20 is also available. Trustix Secure Linux has released an advisory (TSLSA-2004-0047) along with fixes dealing with this, and other issues. Please see the referenced advisory for further information. Gentoo has released an advisory (GLSA 200409-25) and fixes for this issue. To obtain fixes, run the following commands: emerge sync emerge -pv ">=net-print/cups-1.1.20-r2" emerge ">=net-print/cups-1.1.20-r2" Slackware Linux has released an advisory (SSA:2004-266-01) along with fixes dealing with this issue. RedHat has released an advisory (FEDORA-2004-275) to address this issue in Fedora Core 2. Please see the referenced advisory for more information. Apple has released updates for this issue that may be applied through Software Update. Manual updates are also available. Please see the Apple advisory (APPLE-SA-2004-09-30) for more information. Sun Microsystems has made a security alert (Sun Alert ID: 57646) along with a fix dealing with this issue. Sun advises that all users download and install the update. To download and install the updated RPMs from the update servers select the following from the launch bar: Launch >> Applications >> System Tools >> Online Update For more information please see the referenced Sun advisory. SCO has released advisory SCOSA-2004.15 along with fixes to address this issue in SCO Unixware 7.1.3up and 7.1.4. Please see the referenced advisory for further information. Conectiva has released advisory CLA-2004:872 to address this issue. Please see the attached advisory for details on obtaining and applying fixes. Fedora Legacy has released advisory FLSA-2004:2072 along with fixes for RedHat Linux dealing with this issue. Please see the referenced advisory for more information. Turbolinux has released advisory TLSA-2004-33 along with fixes dealing with this issue. Please see the referenced advisory for more information. SCO has released advisory SCOSA-2005.51, along with fixes to address this issue in SCO OpenServer 5.0.7 and 6.0.0. Please see the referenced advisory for further information. Sun Java Desktop System (JDS) 2003

  • Sun patch-9321
Easy Software Products CUPS 1.1.14
  • Debian cupsys-bsd_1.1.14-5woody6_alpha.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_alpha.deb
  • Debian cupsys-bsd_1.1.14-5woody6_arm.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_arm.deb
  • Debian cupsys-bsd_1.1.14-5woody6_hppa.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_hppa.deb
  • Debian cupsys-bsd_1.1.14-5woody6_i386.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_i386.deb
  • Debian cupsys-bsd_1.1.14-5woody6_ia64.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_ia64.deb
  • Debian cupsys-bsd_1.1.14-5woody6_m68k.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_m68k.deb
  • Debian cupsys-bsd_1.1.14-5woody6_mips.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_mips.deb
  • Debian cupsys-bsd_1.1.14-5woody6_mipsel.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_mipsel.deb
  • Debian cupsys-bsd_1.1.14-5woody6_powerpc.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_powerpc.deb
  • Debian cupsys-bsd_1.1.14-5woody6_s390.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_s390.deb
  • Debian cupsys-bsd_1.1.14-5woody6_sparc.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.1 4-5woody6_sparc.deb
  • Debian cupsys-client_1.1.14-5woody6_alpha.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1. 1.14-5woody6_alpha.deb
  • Debian cupsys-client_1.1.14-5woody6_arm.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1. 1.14-5woody6_arm.deb
  • Debian cupsys-client_1.1.14-5woody6_hppa.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1. 1.14-5woody6_hppa.deb
  • Debian cupsys-client_1.1.14-5woody6_i386.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1. 1.14-5woody6_i386.deb
  • Debian cupsys-client_1.1.14-5woody6_ia64.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1. 1

参考网址

来源: FEDORA 名称: FLSA:2072 链接:https://bugzilla.fedora.us/show_bug.cgi?id=2072 来源: XF 名称: cups-udp-dos(17389) 链接:http://xforce.iss.net/xforce/xfdb/17389 来源: REDHAT 名称: RHSA-2004:449 链接:http://www.redhat.com/support/errata/RHSA-2004-449.html 来源: DEBIAN 名称: DSA-545 链接:http://www.debian.org/security/2004/dsa-545 来源: TRUSTIX 名称: 2004-0047 链接:http://www.trustix.org/errata/2004/0047/ 来源: SUSE 名称: SUSE-SA:2004:031 链接:http://www.suse.com/de/security/2004_31_cups.html 来源: BID 名称: 11183 链接:http://www.securityfocus.com/bid/11183 来源: SUNALERT 名称: 1000757 链接:http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1 来源: SUNALERT 名称: 201005 链接:http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1 来源: SUNALERT 名称: 57646 链接:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57646-1 来源: OVAL 名称: oval:org.mitre.oval:def:11732 链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11732 来源: SCO 名称: SCOSA-2004.15 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=109760654431316&w=2 来源: APPLE 名称: APPLE-SA-2004-09-30 链接:http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html 来源: CONECTIVA 名称: CLA-2004:872 链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000872

受影响实体

  • Easy_software_products Cups:1.1.21  
    <!--
    2000-1-1
    -->

补丁

    暂无