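Vulnerability details
CUPS IPP Tag Remote Stack Overflow Vulnerability
- CNNVD ID: CNNVD-200710-550
- Severity: Medium
- CVE ID: CVE-2007-4351
- Vulnerability type: Numeric error
- Published: 2007-10-31
- Threat type: Remote
- Updated: 2007-11-02
- Vendor: cups
- Source: Alin Rad Pop
Vulnerability summary
Apple Common Unix Printing System (CUPS) is an open-source printing system from Apple Inc. (USA) for OS X and Unix-like systems. It is based on the Internet Printing Protocol (IPP) and provides services for most PostScript and raster printers.
The ippReadIO() function in the CUPS file cups/ipp.c has a stack overflow vulnerability when processing IPP (Internet Printing Protocol) tags; a remote attacker may be able to exploit it to take control of the server.
If a remote attacker sends the print service an IPP request containing a specially crafted textWithLanguage or nameWithLanguage tag, one byte on the stack may be overwritten with 0, leading to execution of arbitrary instructions.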
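The kind of check that prevents an out-of-bounds zero-byte write when decoding these tags, as an added example (not code from CUPS or from the original entry): a parser that validates each length field of a textWithLanguage/nameWithLanguage value against both the received value and the destination buffer before writing the terminator. The wire layout follows RFC 2910; the function names, buffer sizes and sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Assumed wire layout of a textWithLanguage / nameWithLanguage value
 * (RFC 2910): u16 language length, language, u16 text length, text.
 * All names here are hypothetical; this is not code from CUPS. */
#define LANG_MAX 64   /* size of caller's language buffer (assumption) */
#define TEXT_MAX 1024 /* size of caller's text buffer (assumption) */

static size_t be16(const unsigned char *p) { return ((size_t)p[0] << 8) | p[1]; }

/* Returns 0 on success, -1 if any length field is inconsistent with the
 * value length or would not fit (with its NUL) in the destination. */
int parse_text_with_lang(const unsigned char *val, size_t vlen,
                         char lang[LANG_MAX], char text[TEXT_MAX])
{
    size_t n, off;

    if (vlen < 2) return -1;                 /* no room for a length field */
    n = be16(val); off = 2;
    if (n > vlen - off || n >= LANG_MAX) return -1;  /* check before write */
    memcpy(lang, val + off, n);
    lang[n] = '\0';                          /* index proven < LANG_MAX */
    off += n;

    if (vlen - off < 2) return -1;           /* no room for text length */
    n = be16(val + off); off += 2;
    if (n > vlen - off || n >= TEXT_MAX) return -1;
    memcpy(text, val + off, n);
    text[n] = '\0';                          /* index proven < TEXT_MAX */
    return 0;
}

/* Constructed sample values (not captured traffic). */
static const unsigned char SAMPLE_OK[]  = {0, 2, 'e', 'n', 0, 2, 'h', 'i'};
/* Language length field claims 0xFFFF octets in an 8-octet value. */
static const unsigned char SAMPLE_BAD[] = {0xFF, 0xFF, 'e', 'n', 0, 2, 'h', 'i'};

int check_sample(const unsigned char *v, size_t len)
{
    char lang[LANG_MAX], text[TEXT_MAX];
    return parse_text_with_lang(v, len, lang, text);
}

int main(void)
{
    return (check_sample(SAMPLE_OK, sizeof SAMPLE_OK) == 0 &&
            check_sample(SAMPLE_BAD, sizeof SAMPLE_BAD) == -1) ? 0 : 1;
}
```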
Vulnerability advisory
The vendor has released upgrade patches to fix this security issue. Patch download links:
RedHat has released a security advisory (RHSA-2007:1020-01) and corresponding patches for this issue:
RHSA-2007:1020-01: Important: cups security and bug fix update
Link:
https://www.redhat.com/support/errata/RHSA-2007-1020.HTML
Gentoo
Gentoo has released a security advisory (GLSA-200711-16) and corresponding patches for this issue:
GLSA-200711-16: CUPS: Memory corruption
Link:
http://security.gentoo.org/glsa/glsa-200711-16.xml
All CUPS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-print/cups-1.2.12-r2"
References
Source: US-CERT
Name: TA07-352A
Link: http://www.us-cert.gov/cas/techalerts/TA07-352A.HTML
Source: US-CERT
Name: VU#446897
Link: http://www.kb.cert.org/vuls/id/446897
Source: SECUNIA
Name: 27233
Link: http://secunia.com/advisories/27233
Source: FEDORA
Name: FEDORA-2007-2715
Link: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00012.HTML
Source: issues.rpath.com
Link: https://issues.rpath.com/browse/RPL-1875
Source: bugzilla.redhat.com
Link: https://bugzilla.redhat.com/show_bug.cgi?id=361661
Source: XF
Name: cups-ippreadio-bo(38190)
Link: http://xforce.iss.net/xforce/xfdb/38190
Source: UBUNTU
Name: USN-539-1
Link: http://www.ubuntulinux.org/support/documentation/usn/usn-539-1
Source: SECTRACK
Name: 1018879
Link: http://www.securitytracker.com/id?1018879
Source: BID
Name: 26268
Link: http://www.securityfocus.com/bid/26268
Source: REDHAT
Name: RHSA-2007:1023
Link: http://www.redhat.com/support/errata/RHSA-2007-1023.HTML
Source: REDHAT
Name: RHSA-2007:1022
Link: http://www.redhat.com/support/errata/RHSA-2007-1022.HTML
Source: REDHAT
Name: RHSA-2007:1020
Link: http://www.redhat.com/support/errata/RHSA-2007-1020.HTML
Source: SUSE
Name: SUSE-SA:2007:058
Link: http://www.novell.com/linux/security/advisories/2007_58_cups.HTML
Source: MANDRIVA
Name: MDKSA-2007:204
Link: http://www.mandriva.com/security/advisories?name=MDKSA-2007:204
Source: VUPEN
Name: ADV-2008-1934
Link: http://www.frsirt.com/english/advisories/2008/1934/references
Source: VUPEN
Name: ADV-2007-4238
Link: http://www.frsirt.com/english/advisories/2007/4238
Source: VUPEN
Name: ADV-2007-3681
Link: http://www.frsirt.com/english/advisories/2007/3681
Source: DEBIAN
Name: DSA-1407
Link: http://www.debian.org/security/2007/dsa-1407
Source: www.cups.org
Link: http://www.cups.org/str.php?L2561
Source: CISCO
Name: 20080625 Wide Area Application Services (WAAS) Common UNIX Printing System (CUPS) Vulnerability
Link: http://www.cisco.com/en/US/products/products_security_response09186a00809a1f11.HTML
Source: support.avaya.com
Link: http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm
Source: SLACKWARE
Name: SSA:2007-305-01
Link: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.501902
Source: GENTOO
Name: GLSA-200711-16
Link: http://security.gentoo.org/glsa/glsa-200711-16.xml
Source: MISC
Name: http://secunia.com/secunia_research/2007-76/advisory/
Link: http://secunia.com/secunia_research/2007-76/advisory/
Source: SECUNIA
Name: 30847
Link: http://secunia.com/advisories/30847
Source: SECUNIA
Name: 28136
Link: http://secunia.com/advisories/28136
Source: SECUNIA
Name: 27712
Link: http://secunia.com/advisories/27712
Source: SECUNIA
Name: 27604
Link: http://secunia.com/advisories/27604
Source: SECUNIA
Name: 27577
Link: http://secunia.com/advisories/27577
Source: SECUNIA
Name: 27540
Link: http://secunia.com/advisories/27540
Source: SECUNIA
Name: 27499
Link: http://secunia.com/advisories/27499
Source: SECUNIA
Name: 27494
Link: http://secunia.com/advisories/27494
Source: SECUNIA
Name: 27474
Link: http://secunia.com/advisories/27474
Source: SECUNIA
Name: 27447
Link: http://secunia.com/advisories/27447
Source: SECUNIA
Name: 27445
Link: http://secunia.com/advisories/27445
Source: SECUNIA
Name: 27410
Link: http://secunia.com/advisories/27410
Source: Apple
Name: Apple-SA-2007-12-17
Link: http://lists.Apple.com/archives/security-announce/2007/Dec/msg00002.HTML
Source: docs.info.Apple.com
Link: http://docs.info.Apple.com/article.HTML?artnum=307179
Affected entities
- Cups Cups:1.3.3
Patch
None available