Family: Fedora Local Security Checks --> Category: infos
Fedora Core 2 2004-303: foomatic Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the foomatic package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2004-303 (foomatic).
Foomatic is a comprehensive, spooler-independent database of printers,
printer drivers, and driver descriptions. It contains utilities to
generate driver description files and printer queues for CUPS, LPD,
LPRng, and PDQ using the database. There is also the possibility to
read the PJL options out of PJL-capable laser printers and take them
into account at the driver description file generation.
There are spooler-independent command line interfaces to manipulate
queues (foomatic-configure) and to print files/manipulate jobs
The site http://www.linuxprinting.org/ is based on this database.
Sebastian Krahmer reported a bug in the cupsomatic and foomatic-rip print
filters, used by the CUPS print spooler. A possible hacker who has printing
access could send a carefully named file to the print server causing
arbitrary commands to be executed as root. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-0801 to
Solution : http://www.fedoranews.org/updates/FEDORA-2004-303.shtml
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.