Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Производитель ПО
Наименование ПО
cups
(Unknown)
Описание
Утечка памяти в CUPS позволяет злоумышленникам, действующим удаленно, вызвать отказ в обслуживании (чрезмерное потребление ресурсов памяти и аварийное завершение работы демона), используя большое количество запросов на добавление или удаление совместно используемых принтеров.
Как исправить
Для устранения уязвимости необходимо установить последнюю версию продукта, соответствующую используемой платформе. Необходимую информацию можно получить по адресу:
http://www.cups.org/
http://www.cups.org/
Ссылки
BID (27988): http://www.securityfocus.com/bid/27988
REDHAT (RHSA-2008:0161): http://www.redhat.com/support/errata/RHSA-2008-0161.html
REDHAT (RHSA-2008:0153): http://www.redhat.com/support/errata/RHSA-2008-0153.html
CONFIRM (https://issues.rpath.com/browse/RPL-2283): https://issues.rpath.com/browse/RPL-2283
XF (cups-ippbrowse-memoryleak-dos(40842)): http://xforce.iss.net/xforce/xfdb/40842
SECTRACK (1019497): http://www.securitytracker.com/id?1019497
BUGTRAQ (20080229 rPSA-2008-0091-1 cups): http://www.securityfocus.com/archive/1/archive/1/488966/100/0/threaded
MANDRIVA (MDVSA-2008:050): http://www.mandriva.com/security/advisories?name=MDVSA-2008:050
VUPEN (ADV-2008-0924): http://www.frsirt.com/english/advisories/2008/0924/references
CONFIRM (http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0091): http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0091
CONFIRM (http://wiki.rpath.com/Advisories:rPSA-2008-0091): http://wiki.rpath.com/Advisories:rPSA-2008-0091
CONFIRM (http://support.avaya.com/elmodocs2/security/ASA-2008-098.htm): http://support.avaya.com/elmodocs2/security/ASA-2008-098.htm
CONFIRM (http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm): http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm
SUSE (SUSE-SA:2008:012): http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00000.html
APPLE (APPLE-SA-2008-03-18): http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
CONFIRM (http://docs.info.apple.com/article.html?artnum=307562): http://docs.info.apple.com/article.html?artnum=307562
REDHAT (RHSA-2008:0161): http://www.redhat.com/support/errata/RHSA-2008-0161.html
REDHAT (RHSA-2008:0153): http://www.redhat.com/support/errata/RHSA-2008-0153.html
CONFIRM (https://issues.rpath.com/browse/RPL-2283): https://issues.rpath.com/browse/RPL-2283
XF (cups-ippbrowse-memoryleak-dos(40842)): http://xforce.iss.net/xforce/xfdb/40842
SECTRACK (1019497): http://www.securitytracker.com/id?1019497
BUGTRAQ (20080229 rPSA-2008-0091-1 cups): http://www.securityfocus.com/archive/1/archive/1/488966/100/0/threaded
MANDRIVA (MDVSA-2008:050): http://www.mandriva.com/security/advisories?name=MDVSA-2008:050
VUPEN (ADV-2008-0924): http://www.frsirt.com/english/advisories/2008/0924/references
CONFIRM (http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0091): http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0091
CONFIRM (http://wiki.rpath.com/Advisories:rPSA-2008-0091): http://wiki.rpath.com/Advisories:rPSA-2008-0091
CONFIRM (http://support.avaya.com/elmodocs2/security/ASA-2008-098.htm): http://support.avaya.com/elmodocs2/security/ASA-2008-098.htm
CONFIRM (http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm): http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm
SUSE (SUSE-SA:2008:012): http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00000.html
APPLE (APPLE-SA-2008-03-18): http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
CONFIRM (http://docs.info.apple.com/article.html?artnum=307562): http://docs.info.apple.com/article.html?artnum=307562