Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2004:031: cups Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the cups package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2004:031 (cups).
The Common Unix Printing System (CUPS) enables local and remote users to
obtain printing functionallity via the Internet Printing Protocol (IPP).
Alvaro Martinez Echevarria has found a remote Denial of Service condition
within CUPS which allows remote users to make the cups server unresponsive.
Additionally the SUSE Security Team has discovered a flaw in the
foomatic-rip print filter which is commonly installed along with cups.
It allows remote attackers, which are listed in the printing ACLs, to
execute arbitrary commands as the printing user 'lp'.
Solution : http://www.suse.de/security/2004_31_cups.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.