Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Gain a shell remotely --> Category: infos

CUPS < 1.1.23 Multiple Vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
Checks version of CUPS

Detailed Explanation for this Vulnerability Test

The remote host is running a CUPS server whose version number is
between 1.0.4 and 1.1.22 inclusive. Such versions are prone to
multiple vulnerabilities :

- A remotely exploitable buffer overflow in the 'hpgltops'
filter that enable specially crafted HPGL files can
execute arbitrary commands as the CUPS 'lp' account.

- A local user may be able to prevent anyone from changing
his or her password until a temporary copy of the new
password file is cleaned up ('lppasswd' flaw).

- A local user may be able to add arbitrary content to the
password file by closing the stderr file descriptor
while running lppasswd (lppasswd flaw).

- A local attacker may be able to truncate the CUPS
password file, thereby denying service to valid clients
using digest authentication. (lppasswd flaw).

- The application applys ACLs to incoming print jobs in a
case-sensitive fashion. Thus, a possible hacker can bypass
restrictions by changing the case in printer names when
submitting jobs. [Fixed in 1.1.21.]

***** Nessus has acertaind the vulnerability exists simply
***** by looking at the version number of CUPS installed on
***** the remote host.

See also :
Solution : Upgrade to CUPS 1.1.23 or later.
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.