seeing is believing

Mandriva Linux Security Advisory 2008-211

Mandriva Linux Security Advisory 2008-211
Posted Oct 11, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered. An attacker could create malicious SGI image files that could possibly execute arbitrary code if the file was printed. An integer overflow flaw leading to a heap buffer overflow was found in the Text-to-PostScript texttops filter. An attacker could create a malicious text file that could possibly execute arbitrary code if the file was printed. Finally, an insufficient buffer bounds checking flaw was found in the HP-GL/2-to-PostScript hpgltops filter. An attacker could create a malicious HP-GL/2 file that could possibly execute arbitrary code if the file was printed. The updated packages have been patched to prevent this issue; for Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided that corrects these issues and also provides other bug fixes.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2008-3639, CVE-2008-3640, CVE-2008-3641
MD5 | 869230af219e9221f53868047fa06838

Mandriva Linux Security Advisory 2008-211

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2008:211
http://www.mandriva.com/security/
_______________________________________________________________________

Package : cups
Date : October 10, 2008
Affected: 2007.1, 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

A buffer overflow in the SGI image format decoding routines used by the
CUPS image converting filter imagetops was discovered. An attacker
could create malicious SGI image files that could possibly execute
arbitrary code if the file was printed (CVE-2008-3639).

An integer overflow flaw leading to a heap buffer overflow was found
in the Text-to-PostScript texttops filter. An attacker could create
a malicious text file that could possibly execute arbitrary code if
the file was printed (CVE-2008-3640).

Finally, an insufficient buffer bounds checking flaw was found in
the HP-GL/2-to-PostScript hpgltops filter. An attacker could create
a malicious HP-GL/2 file that could possibly execute arbitrary code
if the file was printed (CVE-2008-3641).

The updated packages have been patched to prevent this issue; for
Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided
that corrects these issues and also provides other bug fixes.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.1:
d8041b477aac8897e465fd7885c4f046 2007.1/i586/cups-1.2.10-2.8mdv2007.1.i586.rpm
85169e175683eee33f38c3dc6dca555d 2007.1/i586/cups-common-1.2.10-2.8mdv2007.1.i586.rpm
3838db5f9b5313587335232f4bdfadb7 2007.1/i586/cups-serial-1.2.10-2.8mdv2007.1.i586.rpm
4dac70286d0aaa55d0c585c4e485f4d6 2007.1/i586/libcups2-1.2.10-2.8mdv2007.1.i586.rpm
2647b541d7a80ea194d6cc4983342e14 2007.1/i586/libcups2-devel-1.2.10-2.8mdv2007.1.i586.rpm
5bf9cba238150a77016869b2b600e0bd 2007.1/i586/php-cups-1.2.10-2.8mdv2007.1.i586.rpm
3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
27098b09dc01c70600c55572cb928422 2007.1/x86_64/cups-1.2.10-2.8mdv2007.1.x86_64.rpm
fbd01859759af3a2e32244cfff7aaa33 2007.1/x86_64/cups-common-1.2.10-2.8mdv2007.1.x86_64.rpm
4197004f7a59cc90d8d51f8ff34e2997 2007.1/x86_64/cups-serial-1.2.10-2.8mdv2007.1.x86_64.rpm
6cc45d922f07d379db0de2e08eb1589e 2007.1/x86_64/lib64cups2-1.2.10-2.8mdv2007.1.x86_64.rpm
d7443db8a26f27b41c32c95dee129437 2007.1/x86_64/lib64cups2-devel-1.2.10-2.8mdv2007.1.x86_64.rpm
eca467e20954fea23fd050ee41d2ca4a 2007.1/x86_64/php-cups-1.2.10-2.8mdv2007.1.x86_64.rpm
3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm

Mandriva Linux 2008.0:
837c0714eef677dfcdb1befc56012db5 2008.0/i586/cups-1.3.6-1.3mdv2008.0.i586.rpm
cb8d17edacf1dc1dc5915fbb35745d9a 2008.0/i586/cups-common-1.3.6-1.3mdv2008.0.i586.rpm
635eb3405a6b5a4b93ca6373207093df 2008.0/i586/cups-serial-1.3.6-1.3mdv2008.0.i586.rpm
59939c1a2a730a0887750bafb4cabee1 2008.0/i586/libcups2-1.3.6-1.3mdv2008.0.i586.rpm
6183d24df353f4e8082374951636a657 2008.0/i586/libcups2-devel-1.3.6-1.3mdv2008.0.i586.rpm
0f1df17bf9cc86bb607ef28d4b29c6b2 2008.0/i586/php-cups-1.3.6-1.3mdv2008.0.i586.rpm
68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
5b73d5bfebbc66f8a56922c7b943f351 2008.0/x86_64/cups-1.3.6-1.3mdv2008.0.x86_64.rpm
a41d07d80c38b30ee5357b25f7b828ab 2008.0/x86_64/cups-common-1.3.6-1.3mdv2008.0.x86_64.rpm
34d6d4eb79b1ee5a9235843398301646 2008.0/x86_64/cups-serial-1.3.6-1.3mdv2008.0.x86_64.rpm
3157dcaafb55463d8ad149d99e4d0c55 2008.0/x86_64/lib64cups2-1.3.6-1.3mdv2008.0.x86_64.rpm
78b5f7fcedbbbef9c2318977b5f50264 2008.0/x86_64/lib64cups2-devel-1.3.6-1.3mdv2008.0.x86_64.rpm
082094f0923f72890f6dbb47eb9072b4 2008.0/x86_64/php-cups-1.3.6-1.3mdv2008.0.x86_64.rpm
68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm

Mandriva Linux 2008.1:
c22f4c131005e05768b0c45e931015c7 2008.1/i586/cups-1.3.6-5.2mdv2008.1.i586.rpm
8f1ad7b01f0d48aa920cb2378f5fce0a 2008.1/i586/cups-common-1.3.6-5.2mdv2008.1.i586.rpm
763dfee5def4727b34769298beb5c9fe 2008.1/i586/cups-serial-1.3.6-5.2mdv2008.1.i586.rpm
dadd48446b97869372535fb2ef02a471 2008.1/i586/libcups2-1.3.6-5.2mdv2008.1.i586.rpm
cf48ae8c17120d7d83b638f432620797 2008.1/i586/libcups2-devel-1.3.6-5.2mdv2008.1.i586.rpm
33d7dcb6b32e58bc38e847f827447b54 2008.1/i586/php-cups-1.3.6-5.2mdv2008.1.i586.rpm
25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:
3804ff0deea819d375cdee86b1d98bf4 2008.1/x86_64/cups-1.3.6-5.2mdv2008.1.x86_64.rpm
9f8550ffbb7778636b18c33c6854e163 2008.1/x86_64/cups-common-1.3.6-5.2mdv2008.1.x86_64.rpm
077652b9f481f72873b6e94a0f54fe17 2008.1/x86_64/cups-serial-1.3.6-5.2mdv2008.1.x86_64.rpm
569bcdcf971b564d3ad3cec8b6281fec 2008.1/x86_64/lib64cups2-1.3.6-5.2mdv2008.1.x86_64.rpm
05ce67f5f2bf9f27b69963bbc0ba3f6e 2008.1/x86_64/lib64cups2-devel-1.3.6-5.2mdv2008.1.x86_64.rpm
8a48fbfa84679702c496744f394ac4f6 2008.1/x86_64/php-cups-1.3.6-5.2mdv2008.1.x86_64.rpm
25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm

Mandriva Linux 2009.0:
3480a3533f163c8559254c7dc7dccca4 2009.0/i586/cups-1.3.9-0.1mdv2009.0.i586.rpm
2eda3ae527a0d6477bf2f52f57f37297 2009.0/i586/cups-common-1.3.9-0.1mdv2009.0.i586.rpm
1b0849a0dcd6cc52debfdc23ca347e60 2009.0/i586/cups-serial-1.3.9-0.1mdv2009.0.i586.rpm
9ef6a24d1e8155bea9e7e148252dc4e7 2009.0/i586/libcups2-1.3.9-0.1mdv2009.0.i586.rpm
2a8be000df9a71f506a039e58faaf1b4 2009.0/i586/libcups2-devel-1.3.9-0.1mdv2009.0.i586.rpm
7f04461fd982b387144f73612b3cbd86 2009.0/i586/php-cups-1.3.9-0.1mdv2009.0.i586.rpm
1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
926221e97b7c4c52562468b26066f049 2009.0/x86_64/cups-1.3.9-0.1mdv2009.0.x86_64.rpm
96abb10e235084a80cd17c79cc31a360 2009.0/x86_64/cups-common-1.3.9-0.1mdv2009.0.x86_64.rpm
cb817300fa6d8c9b40a0f8a01572d691 2009.0/x86_64/cups-serial-1.3.9-0.1mdv2009.0.x86_64.rpm
d56cea0645b26b668f9b8a66f2dc090f 2009.0/x86_64/lib64cups2-1.3.9-0.1mdv2009.0.x86_64.rpm
f4a04369ad8d202d87ea49a3da4ab67c 2009.0/x86_64/lib64cups2-devel-1.3.9-0.1mdv2009.0.x86_64.rpm
85124180f179ae504ad2f27ef814683d 2009.0/x86_64/php-cups-1.3.9-0.1mdv2009.0.x86_64.rpm
1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm

Corporate 3.0:
d235e680a70a94ce2c32a556a1fea6d5 corporate/3.0/i586/cups-1.1.20-5.19.C30mdk.i586.rpm
eccffd52489f0aca14a11b6b88a5c59f corporate/3.0/i586/cups-common-1.1.20-5.19.C30mdk.i586.rpm
743aad40e707a1c6ec8de19e6ba19668 corporate/3.0/i586/cups-serial-1.1.20-5.19.C30mdk.i586.rpm
931bd82e26396ef7109369893e8fb740 corporate/3.0/i586/libcups2-1.1.20-5.19.C30mdk.i586.rpm
007b156ceb1f78c107a05bba499f544d corporate/3.0/i586/libcups2-devel-1.1.20-5.19.C30mdk.i586.rpm
685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm

Corporate 3.0/X86_64:
c57219da87ef50832e74efbfd3471f64 corporate/3.0/x86_64/cups-1.1.20-5.19.C30mdk.x86_64.rpm
6f9772a800e70f1e3766d76de8dcf6e3 corporate/3.0/x86_64/cups-common-1.1.20-5.19.C30mdk.x86_64.rpm
e1221063527caed05a6e94f9cebed9ab corporate/3.0/x86_64/cups-serial-1.1.20-5.19.C30mdk.x86_64.rpm
a0b15b24cfc995a7a769c1e87d53a696 corporate/3.0/x86_64/lib64cups2-1.1.20-5.19.C30mdk.x86_64.rpm
aaabff95ac9a30ff1d9ce224612bcb50 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.19.C30mdk.x86_64.rpm
685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm

Corporate 4.0:
56f3e394ac8e4b4e7d423c7989d2e6af corporate/4.0/i586/cups-1.2.4-0.10.20060mlcs4.i586.rpm
dcb4425723e63a2d094305cde05890f3 corporate/4.0/i586/cups-common-1.2.4-0.10.20060mlcs4.i586.rpm
348427ebb4f1f1f530c3c129850de957 corporate/4.0/i586/cups-serial-1.2.4-0.10.20060mlcs4.i586.rpm
d0a8052949416c5ba260b48596cbf415 corporate/4.0/i586/libcups2-1.2.4-0.10.20060mlcs4.i586.rpm
ab7637abe249e4369cf39d37113ba37f corporate/4.0/i586/libcups2-devel-1.2.4-0.10.20060mlcs4.i586.rpm
86af12b21de1212e72286e9b2db23caa corporate/4.0/i586/php-cups-1.2.4-0.10.20060mlcs4.i586.rpm
5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
59784628a2385248e8d71c1476773071 corporate/4.0/x86_64/cups-1.2.4-0.10.20060mlcs4.x86_64.rpm
a7933ad29b9a77973fcf7feb02c381b9 corporate/4.0/x86_64/cups-common-1.2.4-0.10.20060mlcs4.x86_64.rpm
26da08a5da63053f418e47792cf26280 corporate/4.0/x86_64/cups-serial-1.2.4-0.10.20060mlcs4.x86_64.rpm
0614662f2661171ade097e562a94c635 corporate/4.0/x86_64/lib64cups2-1.2.4-0.10.20060mlcs4.x86_64.rpm
a899db16ce3db8ec71aaef67a6650616 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.10.20060mlcs4.x86_64.rpm
9e3dc91c4390d7ba60ca26dcc095b8d8 corporate/4.0/x86_64/php-cups-1.2.4-0.10.20060mlcs4.x86_64.rpm
5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFI8DeJmqjQ0CJFipgRAmbxAKCxSRvJTtancZ/puQkgifGbRQnZIQCg6Bum
EnuxPIlaIiQWBIjMSk4WWoo=
=aMXC
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close