(Apple Issues Fix) CUPS Heap Overflow Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1019676
SecurityTracker URL: http://securitytracker.com/id/1019676
CVE Reference: CVE-2008-0047
Updated: Mar 26 2008
Original Entry Date: Mar 19 2008
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 1.3.5, possibly other versions
Description:
A vulnerability was reported in CUPS (Common UNIX Printing System). A remote user can execute arbitrary code on the target system.
A remote user can send specially crafted data to TCP port 631 to trigger a heap overflow and execute arbitrary code on the target system. The code will run with the privileges of the target service.
The vendor was notified on February 26, 2008.
regenrecht reported this vulnerability via iDefense.
Impact:
A remote user can execute arbitrary code on the target system.
Solution:
Apple has issued a fix as part of Security Update 2008-002, available from the Software Update pane in System Preferences, or Apple's Software Downloads web site at:
http://www.apple.com/support/downloads/
On March 26, 2008, Apple issued a revised update (Security Update 2008-002 v1.1) for Mac OS X 10.5.2 to correct a non-security reliability issue with the Aperture 'Printer Settings' button. The revised files are listed below.
For Mac OS X v10.5.2
The download file is named: "SecUpd2008-002.v1.1.dmg"
Its SHA-1 digest is: 9e50032326611245bb5382099a60cbcd4d1852c9
For Mac OS X Server v10.5.2
The download file is named: "SecUpdSrvr2008-002.v1.1.dmg"
Its SHA-1 digest is: 73f6085ab0660018635fef28df0589754f50a69a
For Mac OS X v10.4.11 (Universal)
The download file is named: "SecUpd2008-002Univ.dmg"
Its SHA-1 digest is: 49b1c6b1a919b33cbaada1c86eb501291e7145e8
For Mac OS X v10.4.11 (PPC)
The download file is named: "SecUpd2008-002PPC.dmg"
Its SHA-1 digest is: 8a838e33b6720184a4e4e13c17392892e5a06a56
For Mac OS X Server v10.4.11 (Universal)
The download file is named: "SecUpdSrvr2008-002Univ.dmg"
Its SHA-1 digest is: 77074bdd1d0574abe9631b12011f8ef1d15151b3
For Mac OS X Server v10.4.11 (PPC)
The download file is named: "SecUpdSrvr2008-002PPC.dmg"
Its SHA-1 digest is: 1b5f3c1464b1fce0d77f44e50a0b662b467e3fd0
The vendor's advisory is available at:
http://docs.info.apple.com/article.html?artnum=307562
Vendor URL: www.cups.org/
Cause:
Boundary error
Underlying OS:
UNIX (OS X)
Message History:
This archive entry is a follow-up to the message listed below.