发布时间:2003-11-04
更新时间:2003-11-04
严重程度:中
威胁程度:远程拒绝服务
错误类型:意外情况处置错误
利用方式:服务器模式
BUGTRAQ ID:8952
CVE(CAN) ID:cgi-bin/cvename.
cgi?name=CAN-2003-0788">
CAN-2003-0788
受影响系统 Easy Software Products CUPS 1.0.4 -8
+ Debian Linux 2.2
Easy Software Products CUPS 1.0.4
+ Debian Linux 2.2
Easy Software Products CUPS 1.1.1
+ RedHat PowerTools 7.0
Easy Software Products CUPS 1.1.4 -5
Easy Software Products CUPS 1.1.4 -3
+ MandrakeSoft Linux Mandrake 7.2
Easy Software Products CUPS 1.1.4 -2
+ Debian Linux 2.3
Easy Software Products CUPS 1.1.4
+ Debian Linux 2.3
+ MandrakeSoft Linux Mandrake 7.2
Easy Software Products CUPS 1.1.6
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 8.0 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.2 i386
Easy Software Products CUPS 1.1.7
Easy Software Products CUPS 1.1.10
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
+ Conectiva Linux 6.0
+ Conectiva Linux 7.0
+ MandrakeSoft Linux Mandrake 8.1
+ MandrakeSoft Linux Mandrake 8.1 ia64
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 sparc
Easy Software Products CUPS 1.1.12
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 8.0 i386
Easy Software Products CUPS 1.1.13
Easy Software Products CUPS 1.1.14
+ Conectiva Linux 8.0
+ Debian Linux 3.0
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 sparc
+ MandrakeSoft Linux Mandrake 8.2
+ MandrakeSoft Linux Mandrake 8.2 ppc
Easy Software Products CUPS 1.1.15
+ Conectiva Linux Enterprise Edition 1.0
+ S.u.S.E. Linux 8.1
Easy Software Products CUPS 1.1.16
+ MandrakeSoft Linux Mandrake 9.0
Easy Software Products CUPS 1.1.17
Easy Software Products CUPS 1.1.18
+ Conectiva Linux 9.0
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Linux Mandrake 9.0
+ S.u.S.E. Linux 8.2
TurboLinux TurboLinux 8.0 Workstation
TurboLinux TurboLinux 8.0 Server
未影响系统 Easy Software Products CUPS 1.1.19
详细描述
CUPS协议实现上存在
漏洞,提交恶意作业到IPP端口631
,可导致拒绝服务攻击,没有详细资料提供
。
解决方案
补丁下载:
Easy Software Products CUPS 1.1.10:
Conectiva Upgrade cups-drivers-1.0-3U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-drivers-1.0-3U70_1cl.i386.rpm
Update for Conectiva Linux 7.0.
Conectiva Upgrade cups-1.1.14-1U70_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-1.1.14-1U70_5cl.i386.rpm
Update for Conectiva Linux 7.0.
Conectiva Upgrade cups-devel-1.1.14-1U70_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-devel-1.1.14-1U70_5cl.i386.rpm
Update for Conectiva Linux 7.0.
Conectiva Upgrade cups-doc-1.1.14-1U70_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-doc-1.1.14-1U70_5cl.i386.rpm
Update for Conectiva Linux 7.0.
Conectiva Upgrade cups-libs-1.1.14-1U70_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-libs-1.1.14-1U70_5cl.i386.rpm
Update for Conectiva Linux 7.0.
Conectiva Upgrade cups-devel-static-1.1.14-1U70_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-devel-static-1.1.14-1U70_5cl.i386.rpm
Update for Conectiva Linux 7.0.
Easy Software Products CUPS 1.1.14:
Conectiva Upgrade cups-1.1.14-2U80_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/cups-1.1.14-2U80_5cl.i386.rpm
Update for Conectiva Linux 8.0.
Conectiva Upgrade cups-devel-1.1.14-2U80_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/cups-devel-1.1.14-2U80_5cl.i386.rpm
Update for Conectiva Linux 8.0.
Conectiva Upgrade cups-devel-static-1.1.14-2U80_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/cups-devel-static-1.1.14-2U80_5cl.i386.rpm
Update for Conectiva Linux 8.0.
Conectiva Upgrade cups-doc-1.1.14-2U80_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/cups-doc-1.1.14-2U80_5cl.i386.rpm
Update for Conectiva Linux 8.0.
Conectiva Upgrade cups-libs-1.1.14-2U80_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/cups-libs-1.1.14-2U80_5cl.i386.rpm
Update for Conectiva Linux 8.0.
Easy Software Products CUPS 1.1.15:
Conectiva Upgrade cups-1.1.15-132.i586.rpm
ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/cups-1.1.15-132.i586.rpm
Conectiva Upgrade cups-client-1.1.15-132.i586.rpm
ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/cups-client-1.1.15-132.i586.rpm
Conectiva Upgrade cups-devel-1.1.15-132.i586.rpm
ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/cups-devel-1.1.15-132.i586.rpm
Conectiva Upgrade cups-libs-1.1.15-132.i586.rpm
ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/cups-libs-1.1.15-132.i586.rpm
Easy Software Products CUPS 1.1.18:
Mandrake Upgrade cups-1.1.18-2.2.C21mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Corporate Server 2.1.
Mandrake Upgrade cups-common-1.1.18-2.2.C21mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Corporate Server 2.1.
Mandrake Upgrade cups-serial-1.1.18-2.2.C21mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Corporate Server 2.1.
Mandrake Upgrade libcups1-1.1.18-2.2.C21mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Corporate Server 2.1.
Mandrake Upgrade libcups1-devel-1.1.18-2.2.C21mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Corporate Server 2.1.
Mandrake Upgrade cups-1.1.18-2.2.C21mdk.x86_64.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Corporate Server 2.1/x86_64.
Mandrake Upgrade cups-common-1.1.18-2.2.C21mdk.x86_64.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Corporate Server 2.1/x86_64.
Mandrake Upgrade cups-serial-1.1.18-2.2.C21mdk.x86_64.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Corporate Server 2.1/x86_64.
Mandrake Upgrade libcups1-1.1.18-2.2.C21mdk.x86_64.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Corporate Server 2.1/x86_64.
Mandrake Upgrade libcups1-devel-1.1.18-2.2.C21mdk.x86_64.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Corporate Server 2.1/x86_64.
Mandrake Upgrade cups-1.1.18-2.2.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0.
Mandrake Upgrade cups-common-1.1.18-2.2.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0.
Mandrake Upgrade cups-serial-1.1.18-2.2.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0.
Mandrake Upgrade libcups1-1.1.18-2.2.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0.
Mandrake Upgrade libcups1-devel-1.1.18-2.2.90mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0.
Conectiva Upgrade cups-1.1.18-29091U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-1.1.18-29091U90_2cl.i386.rpm
Update for Conectiva Linux 9.0.
Conectiva Upgrade cups-devel-1.1.18-29091U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-devel-1.1.18-29091U90_2cl.i386.rpm
Update for Conectiva Linux 9.0.
Conectiva Upgrade cups-devel-static-1.1.18-29091U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-devel-static-1.1.18-29091U90_2cl.i386.rpm
Update for Conectiva Linux 9.0.
Conectiva Upgrade cups-doc-1.1.18-29091U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-doc-1.1.18-29091U90_2cl.i386.rpm
Update for Conectiva Linux 9.0.
Conectiva Upgrade cups-libs-1.1.18-29091U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-libs-1.1.18-29091U90_2cl.i386.rpm
Update for Conectiva Linux 9.0.
TurboLinux TurboLinux 8.0 Workstation:
TurboLinux Upgrade cups-1.1.19-11.i586.rpm
linux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-1.1.19-11.i586.rpm">
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-1.1.19-11.i586.rpm
TurboLinux Upgrade cups-devel-1.1.19-11.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-devel-1.1.19-11.i586.rpm
TurboLinux Upgrade cups-libs-1.1.19-11.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-libs-1.1.19-11.i586.rpm
TurboLinux TurboLinux 8.0 Server:
TurboLinux Upgrade cups-1.1.19-11.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-1.1.19-11.i586.rpm
TurboLinux Upgrade cups-devel-1.1.19-11.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-devel-1.1.19-11.i586.rpm
TurboLinux Upgrade cups-libs-1.1.19-11.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-libs-1.1.19-11.i586.rpm
相关信息
Paul Mitcheson
参考:
http://www.securityfocus.com/advisories/6015
http://www.securityfocus.com/advisories/6035
http://www.securityfocus.com/advisories/6031
http://www.securityfocus.com/advisories/6111