CUPS负长度HTTP头漏洞

漏洞信息详情

CUPS负长度HTTP头漏洞

• CNNVD编号：CNNVD-200212-076
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2002-1368
  
• 漏洞类型：
  
  
  边界条件错误
  
• 发布时间：
  
  2002-12-26
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  easy_software_products
• 漏洞来源：
  Discovered by zen-…

Common Unix Printing System (CUPS)1.1.14至1.1.17存在漏洞。远程攻击者可以通过HTTP请求中的（1）负内容长度值或（2）区块传输编码中的负长度导致负参数注入 memcpy()调用中，可能导致服务拒绝（崩溃）并可能执行任意代码。

Conectiva has released advisory CLA-2003:702 to address this issue. Further information regarding obtaining and applying fixes can be found in the referenced advisory.
It is recommended that all Gentoo Linux users who are running
net-print/cups-1.1.17_pre20021025 or earlier update their systems as
follows:
emerge rsync
emerge cups
emerge clean
Debian has released a security advisory (DSA 232-1) containing fixes. Users are advised to upgrade as soon as possible.
** Debian has released an updated advisory (DSA 232-2) containing links to corrected fixes containing the proper dependencies for libPNG.
This vulnerability is eliminated in CUPS 1.1.18. Red Hat is currently developing fixes. Apple MacOS X 10.2.3 and MacOS X Server 10.2.3 are not vulnerable.
Easy Software Products CUPS 1.0.4 -8

• Easy Software Products CUPS 1.1.18
  
  http://www.cups.org/software.html

Easy Software Products CUPS 1.0.4

• Debian cupsys-bsd_1.0.4-12.1_alpha.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4
  -12.1_alpha.deb
• Debian cupsys-bsd_1.0.4-12.1_arm.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4
  -12.1_arm.deb
• Debian cupsys-bsd_1.0.4-12.1_i386.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4
  -12.1_i386.deb
• Debian cupsys-bsd_1.0.4-12.1_m68k.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4
  -12.1_m68k.deb
• Debian cupsys-bsd_1.0.4-12.1_powerpc.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4
  -12.1_powerpc.deb
• Debian cupsys-bsd_1.0.4-12.1_sparc.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4
  -12.1_sparc.deb
• Debian cupsys_1.0.4-12.1_alpha.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.
  1_alpha.deb
• Debian cupsys_1.0.4-12.1_arm.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.
  1_arm.deb
• Debian cupsys_1.0.4-12.1_i386.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.
  1_i386.deb
• Debian cupsys_1.0.4-12.1_m68k.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.
  1_m68k.deb
• Debian cupsys_1.0.4-12.1_powerpc.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.
  1_powerpc.deb
• Debian cupsys_1.0.4-12.1_sparc.deb
  
  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.
  1_sparc.deb
• Easy Software Products CUPS 1.1.18
  
  http://www.cups.org/software.html

Easy Software Products CUPS 1.1.1

• Easy Software Products CUPS 1.1.18
  
  http://www.cups.org/software.html

Easy Software Products CUPS 1.1.10

• Conectiva cups-1.1.14-1U70_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-1.1.14-1U70_4cl.i386
  .rpm
• Conectiva cups-devel-1.1.14-1U70_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-devel-1.1.14-1U70_4c
  l.i386.rpm
• Conectiva cups-devel-static-1.1.14-1U70_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-devel-static-1.1.14-
  1U70_4cl.i386.rpm
• Conectiva cups-doc-1.1.14-1U70_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-doc-1.1.14-1U70_4cl.
  i386.rpm
• Conectiva cups-libs-1.1.14-1U70_4cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-libs-1.1.14-1U70_4cl
  .i386.rpm
• Easy Software Products CUPS 1.1.18
  
  http://www.cups.org/software.html
• MandrakeSoft cups-1.1.18-1.4mdk.i586.rpmMandrake Linux 8.1
  
  http://www.mandrakesecure.net/en/ftp.php
• MandrakeSoft cups-1.1.18-1.4mdk.ia64.rpmMandrake Linux 8.1/IA64
  
  http://www.mandrakesecure.net/en/ftp.php
• MandrakeSoft cups-common-1.1.18-1.4mdk.i586.rpmMandrake Linux 8.1
  
  http://www.mandrakesecure.net/en/ftp.php
• MandrakeSoft cups-common-1.1.18-1.4mdk.ia64.rpmMandrake Linux 8.1/IA64
  
  http://www.mandrakesecure.net/en/ftp.php
• MandrakeSoft cups-serial-1.1.18-1.4mdk.i586.rpmMandrake Linux 8.1
  
  http://www.mandrakesecure.net/en/ftp.php
• MandrakeSoft cups-serial-1.1.18-1.4mdk.ia64.rpmMandrake Linux 8.1/IA64
  
  http://www.mandrakesecure.net/en/ftp.php
• MandrakeSoft libcups1-1.1.18-1.4mdk.i586.rpmMandrake Linux 8.1
  
  http://www.mandrakesecure.net/en/ftp.php
• MandrakeSoft libcups1-1.1.18-1.4mdk.ia64.rpmMandrake Linux 8.1/IA64
  
  http://www.mandrakesecure.net/en/ftp.php
• MandrakeSoft libcups1-devel-1.1.18-1.4mdk.i586.rpmMandrake Linux 8.1
  
  http://www.mandrakesecure.net/en/ftp.php
• MandrakeSoft libcups1-devel-1.1.18-1.4mdk.ia64.rpmMandrake Linux 8.1/IA64
  
  http://www.mandrakesecure.net/en/ftp.php
• SCO cups-1.1.10-6.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-004.0/R
  PMS/cups-1.1.10-6.i386.rpm
• SCO cups-1.1.10-6.i386.rpm
  

  参考网址

  来源: XF
  名称: cups-neg-memcpy-bo(10909)
  链接:http://xforce.iss.net/xforce/xfdb/10909

  来源: BID
  名称: 6437
  链接:http://www.securityfocus.com/bid/6437

  来源: REDHAT
  名称: RHSA-2002:295
  链接:http://www.redhat.com/support/errata/RHSA-2002-295.html

  来源: SUSE
  名称: SuSE-SA:2003:002
  链接:http://www.novell.com/linux/security/advisories/2003_002_cups.html

  来源: www.idefense.com
  链接:http://www.idefense.com/advisory/12.19.02.txt

  来源: DEBIAN
  名称: DSA-232
  链接:http://www.debian.org/security/2003/dsa-232

  来源: VULNWATCH
  名称: 20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)
  链接:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html

  来源: MANDRAKE
  名称: MDKSA-2003:001
  链接:http://www.mandriva.com/security/advisories?name=MDKSA-2003:001

  来源: SECUNIA
  名称: 9325
  链接:http://secunia.com/advisories/9325/

  来源: SECUNIA
  名称: 8080
  链接:http://secunia.com/advisories/8080/

  来源: SECUNIA
  名称: 7913
  链接:http://secunia.com/advisories/7913/

  来源: SECUNIA
  名称: 7907
  链接:http://secunia.com/advisories/7907

  来源: SECUNIA
  名称: 7858
  链接:http://secunia.com/advisories/7858

  来源: SECUNIA
  名称: 7843
  链接:http://secunia.com/advisories/7843

  来源: SECUNIA
  名称: 7803
  链接:http://secunia.com/advisories/7803

  来源: SECUNIA
  名称: 7794
  链接:http://secunia.com/advisories/7794

  来源: SECUNIA
  名称: 7756
  链接:http://secunia.com/advisories/7756/

  来源: BUGTRAQ
  名称: 20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)
  链接:http://marc.theaimsgroup.com/?l=bugtraq&m=104032149026670&w=2

  来源: CONECTIVA
  名称: CLSA-2003:702
  链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702

  来源: CALDERA
  名称: CSSA-2003-004.0
  链接:ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-004.0.txt