Jump to content
Sign in to follow this  
paul

Advisories MDVSA-2010:232: cups

Recommended Posts

Multiple vulnerabilities were discovered and corrected in cups:

 

Cross-site request forgery (CSRF) vulnerability in the web interface

in CUPS, allows remote attackers to hijack the authentication of

administrators for requests that change settings (CVE-2010-0540).

 

The _WriteProlog function in texttops.c in texttops in the Text Filter

subsystem in CUPS before 1.4.4 does not check the return values

of certain calloc calls, which allows remote attackers to cause a

denial of service (NULL pointer dereference or heap memory corruption)

or possibly execute arbitrary code via a crafted file (CVE-2010-0542).

 

The web interface in CUPS, reads uninitialized memory during handling

of form variables, which allows context-dependent attackers to obtain

sensitive information from cupsd process memory via unspecified vectors

(CVE-2010-1748).

 

The cupsFileOpen function in CUPS before 1.4.4 allows local users,

with lp group membership, to overwrite arbitrary files via a

symlink attack on the (1) /var/cache/cups/remote.cache or (2)

/var/cache/cups/job.cache file (CVE-2010-2431).

 

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate

memory for attribute values with invalid string data types, which

allows remote attackers to cause a denial of service (use-after-free

and application crash) or possibly execute arbitrary code via a

crafted IPP request (CVE-2010-2941).

 

Packages for 2009.0 are provided as of the Extended Maintenance

Program. Please visit this link to learn more:

http://store.mandriva.com/product_info.php?cPath=149&products_id=490

 

The updated packages have been patched to correct these issues.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×
×
  • Create New...