what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2008-5286

Status Candidate

Overview

Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.

Related Files

Mandriva Linux Security Advisory 2009-029
Posted Jan 25, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-029 - Security vulnerabilities have been discovered and corrected in CUPS. CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow. CUPS shipped with Mandriva Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file. The updated packages have been patched to prevent this.

tags | advisory, remote, overflow, arbitrary, local, vulnerability
systems | linux, mandriva
advisories | CVE-2008-5286, CVE-2009-0032
SHA-256 | 5bd12d58fe984f20eaf9ce8cdca247ed7d8e7d8f56db06e9e6d14c5d9cc5ef19
Mandriva Linux Security Advisory 2009-028
Posted Jan 25, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-028 - Security vulnerabilities have been discovered and corrected in CUPS. CUPS before 1.3.8 allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions. CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow. CUPS shipped with Mandriva Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file. The updated packages have been patched to prevent this.

tags | advisory, remote, web, denial of service, overflow, arbitrary, local, cgi, vulnerability
systems | linux, mandriva
advisories | CVE-2008-5183, CVE-2008-5184, CVE-2008-5286, CVE-2009-0032
SHA-256 | 1e8a4108fdf9c2d57d8db1cf6e760cbbcb404476f8da36f8cd8b11ddda80fdbe
Ubuntu Security Notice 707-1
Posted Jan 12, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-707-1 - It was discovered that CUPS didn't properly handle adding a large number of RSS subscriptions. A local user could exploit this and cause CUPS to crash, leading to a denial of service. This issue only applied to Ubuntu 7.10, 8.04 LTS and 8.10. It was discovered that CUPS did not authenticate users when adding and cancelling RSS subscriptions. An unprivileged local user could bypass intended restrictions and add a large number of RSS subscriptions. This issue only applied to Ubuntu 7.10 and 8.04 LTS. It was discovered that the PNG filter in CUPS did not properly handle certain malformed images. If a user or automated system were tricked into opening a crafted PNG image file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10, attackers would be isolated by the AppArmor CUPS profile. It was discovered that the example pstopdf CUPS filter created log files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2008-5183, CVE-2008-5184, CVE-2008-5286, CVE-2008-5377
SHA-256 | a74367854a58a1911ddaa489d9fd8218667d9571e9707336bebfe1ff63c0d9c3
Gentoo Linux Security Advisory 200812-11
Posted Dec 10, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200812-11 - Several remotely exploitable bugs have been found in CUPS, which allow remote execution of arbitrary code. Versions less than 1.3.9-r1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2008-3639, CVE-2008-3640, CVE-2008-3641, CVE-2008-5286
SHA-256 | 827cf9ee7779b7a80dd45cbbe00a496e41377152190668ccd97c51324afc527b
Debian Linux Security Advisory 1677-1
Posted Dec 2, 2008
Authored by Debian | Site debian.org

Debian Security Advisory DSA 1677-1 - An integer overflow has been discovered in the image validation code of cupsys, the Common UNIX Printing System. An attacker could trigger this bug by supplying a malicious graphic that could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, unix, debian
advisories | CVE-2008-5286
SHA-256 | 8b80bf7892307528425277fb7e9b0214a62daea0cbc4d7b1e498eae6f3e5ef0c
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close