Family: Red Hat Local Security Checks --> Category: infos
RHSA-2005-132: cups Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the cups packages
Detailed Explanation for this Vulnerability Test
Updated cups packages that fix a security issue are now available.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
The Common UNIX Printing System (CUPS) is a print spooler.
During a source code audit, Chris Evans discovered a number of integer
overflow bugs that affect Xpdf. CUPS contained a copy of the Xpdf code
used for parsing PDF files and was therefore affected by these bugs. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the
name CVE-2004-0888 to this issue, and Red Hat released erratum
RHSA-2004:543 with updated packages.
It was found that the patch used to correct this issue was not sufficient
and did not fully protect CUPS running on 64-bit architectures. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CVE-2005-0206 to this issue.
These updated packages also include a fix that prevents the CUPS
initscript from being accidentally replaced.
All users of CUPS on 64-bit architectures should upgrade to these updated
packages, which contain a corrected patch and are not vulnerable to these
Solution : http://rhn.redhat.com/errata/RHSA-2005-132.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.