Date: Wed, 6 May 2009 01:46:02 +0400 (MSD) From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/134247: [vuxml] print/cups-base: document vulnerabilities fixed in 1.3.10 Message-ID: <20090505214602.389341725F@amnesiac.at.no.dns> Resent-Message-ID: <200905052200.n45M06e1056428@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 134247 >Category: ports >Synopsis: [vuxml] print/cups-base: document vulnerabilities fixed in 1.3.10 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue May 05 22:00:06 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Eygene Ryabinkin >Release: FreeBSD 8.0-CURRENT amd64 >Organization: Code Labs >Environment: System: FreeBSD 8.0-CURRENT amd64 >Description: Some vulnerabilities were fixed in CUPS 1.3.10: [1] >How-To-Repeat: [1] http://www.gentoo.org/security/en/glsa/glsa-200904-20.xml >Fix: The following VuXML entry should be evaluated and added: --- vuln.xml begins here --- <vuln vid="736e55bc-39bb-11de-a493-001b77d09812"> <topic>cups -- remote code execution and DNS rebinding</topic> <affects> <package> <name>cups-base</name> <range><lt>1.3.10</lt></range> </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; <p>Gentoo security team summarizes:</p> <blockquote cite="http://www.gentoo.org/security/en/glsa/glsa-200904-20.xml">; <p>The following issues were reported in CUPS:</p> <ul> <li>iDefense reported an integer overflow in the _cupsImageReadTIFF() function in the "imagetops" filter, leading to a heap-based buffer overflow (CVE-2009-0163).</li> <li>Aaron Siegel of Apple Product Security reported that the CUPS web interface does not verify the content of the "Host" HTTP header properly (CVE-2009-0164).</li> <li>Braden Thomas and Drew Yao of Apple Product Security reported that CUPS is vulnerable to CVE-2009-0146, CVE-2009-0147 and CVE-2009-0166, found earlier in xpdf and poppler.</li> </ul> <p>A remote attacker might send or entice a user to send a specially crafted print job to CUPS, possibly resulting in the execution of arbitrary code with the privileges of the configured CUPS user -- by default this is "lp", or a Denial of Service. Furthermore, the web interface could be used to conduct DNS rebinding attacks.</p> </blockquote> </body> </description> <references> <cvename>CVE-2009-0163</cvename> <cvename>CVE-2009-0164</cvename> <cvename>CVE-2009-0146</cvename> <cvename>CVE-2009-0147</cvename> <cvename>CVE-2009-0166</cvename> <bid>34571</bid> <bid>34665</bid> <bid>34568</bid> <url>http://www.cups.org/articles.php?L582</url>; </references> <dates> <discovery>2009-05-05</discovery> <entry>TODAY</entry> </dates> </vuln> --- vuln.xml ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090505214602.389341725F>