CUPS Vulnerabilities
Updated 12/27/02
CVE 2001-0194
CAN 2001-1332
CAN 2001-1333
CVE 2002-0063
CAN 2002-1366
CAN 2002-1367
CAN 2002-1368
CAN 2002-1369
CAN 2002-1371
CAN 2002-1372
CAN 2002-1383
Impact
If this vulnerability is present, a local or remote attacker could
gain root privileges on the server.
Background
The Common UNIX Printing System
(CUPS) is a print server which can be used as an alternative
to lpr or LPRng.
The Problems
12/27/02
CAN 2002-1366
CAN 2002-1367
CAN 2002-1368
CAN 2002-1369
CAN 2002-1371
CAN 2002-1372
CAN 2002-1383
CUPS versions prior to 1.1.18 are affected by a race
condition, a root certificate design flaw, file descriptor
resource leaks, various types of overflows, and other
unsafe system calls. Local attackers, and possibly remote
attackers, could gain root access or cause a denial of
service.
2/20/02
CVE 2001-0194
CAN 2001-1332
CAN 2001-1333
CVE 2002-0063
Several buffer overflows and insecure file handling in CUPS
versions prior to 1.1.14 could also
allow a local or remote attacker to gain root privileges.
Resolution
Install the latest version
of CUPS, or an updated package from your vendor. Note that
some vendors backport fixes to earlier versions of CUPS,
so the fixed package is not necessarily version 1.1.18 for
your vendor.
As an additional precaution, access to port 631/TCP from
outside the network should be denied.
Where can I read more about this?
The latest vulnerability in CUPS was announced in
iDEFENSE Security Advisory 12.19.02.
Earlier vulnerabilities were announced in
Debian Security Advisory 110,
Mandrake Security Advisory 2002:015, and
SuSE
Security Announcement 2001:05, but be aware that the fixes
described in these announcements will not fix the latest vulnerabilities.