[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#467653: cupsys: CVE-2008-0882 remote denial of service

Package: cupsys
Version: 1.3.5-1
Severity: grave
Tags: security patch

the following CVE (Common Vulnerabilities & Exposures) id was
published for cupsys.

| Double free vulnerability in the process_browse_data function in CUPS
| 1.3.5 allows remote attackers to cause a denial of service (daemon
| crash) and possibly execute arbitrary code via crafted packets to the
| cupsd port (631/udp), related to an unspecified manipulation of a
| remote printer.  NOTE: some of these details are obtained from third
| party information.

If you fix this vulnerability please also include the CVE id
in your changelog entry.

Patches can be found on:

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0882

Kind regards

Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Attachment: pgpA81hwVppAr.pgp
Description: PGP signature

Reply to: