Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2003:028: cups Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the cups package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2003:028 (cups).
The well documented Common Unix Printing System (CUPS) was found vulnerable
to a remote Denial of Service attack. The CUPS daemon will stop serving
clients if the second carriage return in a request is not sent to
complete the header.
Since the vulnerability occurs before any authorization or address
verification there is no other workaround than shutting down the
To be sure the update takes effect you have to restart the CUPS daemon
by executing the following command as root:
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command 'rpm -Fhv file.rpm' to apply
Solution : http://www.suse.de/security/2003_028.html
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.