Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2004.0576 -- RHSA-2004:449-01 Updated CUPS packages fix security vulnerability 16 September 2004 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: CUPS Publisher: Red Hat Operating System: Red Hat Enterprise Linux AS/ES/WS 3 Red Hat Desktop version 3 Linux variants Impact: Denial of Service Access: Remote/Unauthenticated CVE Names: CAN-2004-0558 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated CUPS packages fix security vulnerability Advisory ID: RHSA-2004:449-01 Issue date: 2004-09-15 Updated on: 2004-09-15 Product: Red Hat Enterprise Linux Keywords: DoS CVE Names: CAN-2004-0558 - - --------------------------------------------------------------------- 1. Summary: Updated cups packages that fix a denial of service vulnerability are now available. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The Common UNIX Printing System (CUPS) is a print spooler. Alvaro Martinez Echevarria reported a bug in the CUPS Internet Printing Protocol (IPP) implementation in versions of CUPS prior to 1.1.21. An attacker could send a carefully crafted UDP packet to the IPP port which could cause CUPS to stop listening to the port and result in a denial of service. In order to exploit this bug, an attacker would need to have the ability to send a UDP packet to the IPP port (by default 631). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0558 to this issue. All users of cups should upgrade to these updated packages, which contain a backported patch as well as a fix for a non-exploitable off-by-one bug. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/cups-1.1.17-13.3.13.src.rpm 60dc089f4fdb7afe47386fcdc94b0d01 cups-1.1.17-13.3.13.src.rpm i386: 419ce850064ec7a68a37e244cac682b2 cups-1.1.17-13.3.13.i386.rpm 414bce4e73e9228729077adf7930f0ae cups-devel-1.1.17-13.3.13.i386.rpm b2e3b1632f6f334bf6ade32a6c4fc7b3 cups-libs-1.1.17-13.3.13.i386.rpm ia64: 6e99a473c522a8c0a55dd73ee2e65b3a cups-1.1.17-13.3.13.ia64.rpm a552ed6d24c3976fcd9bba81d5752310 cups-devel-1.1.17-13.3.13.ia64.rpm ae45026d23525d73f25a047a118164fd cups-libs-1.1.17-13.3.13.ia64.rpm ppc: d007ad080ce2d4016db742799cb7e7a5 cups-1.1.17-13.3.13.ppc.rpm e9ff080a397800ca9793342a4aee8046 cups-devel-1.1.17-13.3.13.ppc.rpm 99a113852d6089d14ea6fd679ba7a1a7 cups-libs-1.1.17-13.3.13.ppc.rpm ppc64: 8550fc9d8d1cf53da14707ecb5188a75 cups-1.1.17-13.3.13.ppc64.rpm d664204e2dd7c589d9f4dd10b8f32416 cups-devel-1.1.17-13.3.13.ppc64.rpm 72cc935233689e4c04737c68e36d3b29 cups-libs-1.1.17-13.3.13.ppc64.rpm s390: ae6fc52460a480b8ede3826ce9cd19e2 cups-1.1.17-13.3.13.s390.rpm 15ce65330b66ee7f66512ef0d549ca94 cups-devel-1.1.17-13.3.13.s390.rpm d1f0c816f04bb0960586261e34ae8098 cups-libs-1.1.17-13.3.13.s390.rpm s390x: 2372e49ffedcb132058e7b4c9452a741 cups-1.1.17-13.3.13.s390x.rpm d435369ed54389c1c22151ee18f0e9a7 cups-devel-1.1.17-13.3.13.s390x.rpm 32f55417cc798fbb612921d192c29436 cups-libs-1.1.17-13.3.13.s390x.rpm x86_64: b11c94a17939d262b76721fee9714c50 cups-1.1.17-13.3.13.x86_64.rpm 48b22c34e077212a6c1721bcadd01ca4 cups-devel-1.1.17-13.3.13.x86_64.rpm 07ed1e9a684182ffbaa63144cd230e1a cups-libs-1.1.17-13.3.13.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/cups-1.1.17-13.3.13.src.rpm 60dc089f4fdb7afe47386fcdc94b0d01 cups-1.1.17-13.3.13.src.rpm i386: 419ce850064ec7a68a37e244cac682b2 cups-1.1.17-13.3.13.i386.rpm 414bce4e73e9228729077adf7930f0ae cups-devel-1.1.17-13.3.13.i386.rpm b2e3b1632f6f334bf6ade32a6c4fc7b3 cups-libs-1.1.17-13.3.13.i386.rpm x86_64: b11c94a17939d262b76721fee9714c50 cups-1.1.17-13.3.13.x86_64.rpm 48b22c34e077212a6c1721bcadd01ca4 cups-devel-1.1.17-13.3.13.x86_64.rpm 07ed1e9a684182ffbaa63144cd230e1a cups-libs-1.1.17-13.3.13.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/cups-1.1.17-13.3.13.src.rpm 60dc089f4fdb7afe47386fcdc94b0d01 cups-1.1.17-13.3.13.src.rpm i386: 419ce850064ec7a68a37e244cac682b2 cups-1.1.17-13.3.13.i386.rpm 414bce4e73e9228729077adf7930f0ae cups-devel-1.1.17-13.3.13.i386.rpm b2e3b1632f6f334bf6ade32a6c4fc7b3 cups-libs-1.1.17-13.3.13.i386.rpm ia64: 6e99a473c522a8c0a55dd73ee2e65b3a cups-1.1.17-13.3.13.ia64.rpm a552ed6d24c3976fcd9bba81d5752310 cups-devel-1.1.17-13.3.13.ia64.rpm ae45026d23525d73f25a047a118164fd cups-libs-1.1.17-13.3.13.ia64.rpm x86_64: b11c94a17939d262b76721fee9714c50 cups-1.1.17-13.3.13.x86_64.rpm 48b22c34e077212a6c1721bcadd01ca4 cups-devel-1.1.17-13.3.13.x86_64.rpm 07ed1e9a684182ffbaa63144cd230e1a cups-libs-1.1.17-13.3.13.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/cups-1.1.17-13.3.13.src.rpm 60dc089f4fdb7afe47386fcdc94b0d01 cups-1.1.17-13.3.13.src.rpm i386: 419ce850064ec7a68a37e244cac682b2 cups-1.1.17-13.3.13.i386.rpm 414bce4e73e9228729077adf7930f0ae cups-devel-1.1.17-13.3.13.i386.rpm b2e3b1632f6f334bf6ade32a6c4fc7b3 cups-libs-1.1.17-13.3.13.i386.rpm ia64: 6e99a473c522a8c0a55dd73ee2e65b3a cups-1.1.17-13.3.13.ia64.rpm a552ed6d24c3976fcd9bba81d5752310 cups-devel-1.1.17-13.3.13.ia64.rpm ae45026d23525d73f25a047a118164fd cups-libs-1.1.17-13.3.13.ia64.rpm x86_64: b11c94a17939d262b76721fee9714c50 cups-1.1.17-13.3.13.x86_64.rpm 48b22c34e077212a6c1721bcadd01ca4 cups-devel-1.1.17-13.3.13.x86_64.rpm 07ed1e9a684182ffbaa63144cd230e1a cups-libs-1.1.17-13.3.13.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key.html#package 6. References: http://www.cups.org/str.php?L863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact.html Copyright 2004 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFBSGPjXlSAg2UNWIIRAq81AJ9jB2yT4bsHFA+lphm31RBnRu/XAQCgjC7j qdkPURv0ZHj/Y0n+J2D2meo= =qc5V - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQUj06Sh9+71yA2DNAQJToAQAk//8RdvRYrCC1o+4jCyuRwTLlY/esxkK ztYM9gZzRNZ9yjKRTGfjInLwznqxDrYQ365cyF4NXC6vhKuQ7+oP8lupoj+M3bdd GCOFZbpSnHz8/98CrMMCbHtJRiNf25JARMbml3MFSJFIBstEGqkd34x1HBpoAjdw WT1rFQAXmUw= =ja0S -----END PGP SIGNATURE-----