Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2004.0576 -- RHSA-2004:449-01
Updated CUPS packages fix security vulnerability
16 September 2004
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: CUPS
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux AS/ES/WS 3
Red Hat Desktop version 3
Linux variants
Impact: Denial of Service
Access: Remote/Unauthenticated
CVE Names: CAN-2004-0558
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated CUPS packages fix security vulnerability
Advisory ID: RHSA-2004:449-01
Issue date: 2004-09-15
Updated on: 2004-09-15
Product: Red Hat Enterprise Linux
Keywords: DoS
CVE Names: CAN-2004-0558
- - ---------------------------------------------------------------------
1. Summary:
Updated cups packages that fix a denial of service vulnerability are now
available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
3. Problem description:
The Common UNIX Printing System (CUPS) is a print spooler.
Alvaro Martinez Echevarria reported a bug in the CUPS Internet Printing
Protocol (IPP) implementation in versions of CUPS prior to 1.1.21. An
attacker could send a carefully crafted UDP packet to the IPP port which
could cause CUPS to stop listening to the port and result in a denial of
service. In order to exploit this bug, an attacker would need to have the
ability to send a UDP packet to the IPP port (by default 631). The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0558 to this issue.
All users of cups should upgrade to these updated packages, which contain a
backported patch as well as a fix for a non-exploitable off-by-one bug.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. RPMs required:
Red Hat Enterprise Linux AS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/cups-1.1.17-13.3.13.src.rpm
60dc089f4fdb7afe47386fcdc94b0d01 cups-1.1.17-13.3.13.src.rpm
i386:
419ce850064ec7a68a37e244cac682b2 cups-1.1.17-13.3.13.i386.rpm
414bce4e73e9228729077adf7930f0ae cups-devel-1.1.17-13.3.13.i386.rpm
b2e3b1632f6f334bf6ade32a6c4fc7b3 cups-libs-1.1.17-13.3.13.i386.rpm
ia64:
6e99a473c522a8c0a55dd73ee2e65b3a cups-1.1.17-13.3.13.ia64.rpm
a552ed6d24c3976fcd9bba81d5752310 cups-devel-1.1.17-13.3.13.ia64.rpm
ae45026d23525d73f25a047a118164fd cups-libs-1.1.17-13.3.13.ia64.rpm
ppc:
d007ad080ce2d4016db742799cb7e7a5 cups-1.1.17-13.3.13.ppc.rpm
e9ff080a397800ca9793342a4aee8046 cups-devel-1.1.17-13.3.13.ppc.rpm
99a113852d6089d14ea6fd679ba7a1a7 cups-libs-1.1.17-13.3.13.ppc.rpm
ppc64:
8550fc9d8d1cf53da14707ecb5188a75 cups-1.1.17-13.3.13.ppc64.rpm
d664204e2dd7c589d9f4dd10b8f32416 cups-devel-1.1.17-13.3.13.ppc64.rpm
72cc935233689e4c04737c68e36d3b29 cups-libs-1.1.17-13.3.13.ppc64.rpm
s390:
ae6fc52460a480b8ede3826ce9cd19e2 cups-1.1.17-13.3.13.s390.rpm
15ce65330b66ee7f66512ef0d549ca94 cups-devel-1.1.17-13.3.13.s390.rpm
d1f0c816f04bb0960586261e34ae8098 cups-libs-1.1.17-13.3.13.s390.rpm
s390x:
2372e49ffedcb132058e7b4c9452a741 cups-1.1.17-13.3.13.s390x.rpm
d435369ed54389c1c22151ee18f0e9a7 cups-devel-1.1.17-13.3.13.s390x.rpm
32f55417cc798fbb612921d192c29436 cups-libs-1.1.17-13.3.13.s390x.rpm
x86_64:
b11c94a17939d262b76721fee9714c50 cups-1.1.17-13.3.13.x86_64.rpm
48b22c34e077212a6c1721bcadd01ca4 cups-devel-1.1.17-13.3.13.x86_64.rpm
07ed1e9a684182ffbaa63144cd230e1a cups-libs-1.1.17-13.3.13.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/cups-1.1.17-13.3.13.src.rpm
60dc089f4fdb7afe47386fcdc94b0d01 cups-1.1.17-13.3.13.src.rpm
i386:
419ce850064ec7a68a37e244cac682b2 cups-1.1.17-13.3.13.i386.rpm
414bce4e73e9228729077adf7930f0ae cups-devel-1.1.17-13.3.13.i386.rpm
b2e3b1632f6f334bf6ade32a6c4fc7b3 cups-libs-1.1.17-13.3.13.i386.rpm
x86_64:
b11c94a17939d262b76721fee9714c50 cups-1.1.17-13.3.13.x86_64.rpm
48b22c34e077212a6c1721bcadd01ca4 cups-devel-1.1.17-13.3.13.x86_64.rpm
07ed1e9a684182ffbaa63144cd230e1a cups-libs-1.1.17-13.3.13.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/cups-1.1.17-13.3.13.src.rpm
60dc089f4fdb7afe47386fcdc94b0d01 cups-1.1.17-13.3.13.src.rpm
i386:
419ce850064ec7a68a37e244cac682b2 cups-1.1.17-13.3.13.i386.rpm
414bce4e73e9228729077adf7930f0ae cups-devel-1.1.17-13.3.13.i386.rpm
b2e3b1632f6f334bf6ade32a6c4fc7b3 cups-libs-1.1.17-13.3.13.i386.rpm
ia64:
6e99a473c522a8c0a55dd73ee2e65b3a cups-1.1.17-13.3.13.ia64.rpm
a552ed6d24c3976fcd9bba81d5752310 cups-devel-1.1.17-13.3.13.ia64.rpm
ae45026d23525d73f25a047a118164fd cups-libs-1.1.17-13.3.13.ia64.rpm
x86_64:
b11c94a17939d262b76721fee9714c50 cups-1.1.17-13.3.13.x86_64.rpm
48b22c34e077212a6c1721bcadd01ca4 cups-devel-1.1.17-13.3.13.x86_64.rpm
07ed1e9a684182ffbaa63144cd230e1a cups-libs-1.1.17-13.3.13.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/cups-1.1.17-13.3.13.src.rpm
60dc089f4fdb7afe47386fcdc94b0d01 cups-1.1.17-13.3.13.src.rpm
i386:
419ce850064ec7a68a37e244cac682b2 cups-1.1.17-13.3.13.i386.rpm
414bce4e73e9228729077adf7930f0ae cups-devel-1.1.17-13.3.13.i386.rpm
b2e3b1632f6f334bf6ade32a6c4fc7b3 cups-libs-1.1.17-13.3.13.i386.rpm
ia64:
6e99a473c522a8c0a55dd73ee2e65b3a cups-1.1.17-13.3.13.ia64.rpm
a552ed6d24c3976fcd9bba81d5752310 cups-devel-1.1.17-13.3.13.ia64.rpm
ae45026d23525d73f25a047a118164fd cups-libs-1.1.17-13.3.13.ia64.rpm
x86_64:
b11c94a17939d262b76721fee9714c50 cups-1.1.17-13.3.13.x86_64.rpm
48b22c34e077212a6c1721bcadd01ca4 cups-devel-1.1.17-13.3.13.x86_64.rpm
07ed1e9a684182ffbaa63144cd230e1a cups-libs-1.1.17-13.3.13.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key.html#package
6. References:
http://www.cups.org/str.php?L863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558
7. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact.html
Copyright 2004 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBSGPjXlSAg2UNWIIRAq81AJ9jB2yT4bsHFA+lphm31RBnRu/XAQCgjC7j
qdkPURv0ZHj/Y0n+J2D2meo=
=qc5V
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBQUj06Sh9+71yA2DNAQJToAQAk//8RdvRYrCC1o+4jCyuRwTLlY/esxkK
ztYM9gZzRNZ9yjKRTGfjInLwznqxDrYQ365cyF4NXC6vhKuQ7+oP8lupoj+M3bdd
GCOFZbpSnHz8/98CrMMCbHtJRiNf25JARMbml3MFSJFIBstEGqkd34x1HBpoAjdw
WT1rFQAXmUw=
=ja0S
-----END PGP SIGNATURE-----