[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#467653: cupsys: CVE-2008-0882 remote denial of service



Package: cupsys
Version: 1.3.5-1
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for cupsys.

CVE-2008-0882[0]:
| Double free vulnerability in the process_browse_data function in CUPS
| 1.3.5 allows remote attackers to cause a denial of service (daemon
| crash) and possibly execute arbitrary code via crafted packets to the
| cupsd port (631/udp), related to an unspecified manipulation of a
| remote printer.  NOTE: some of these details are obtained from third
| party information.

If you fix this vulnerability please also include the CVE id
in your changelog entry.

Patches can be found on:
http://www.cups.org/str.php?L2656

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0882

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Attachment: pgpgsdMyfV1mb.pgp
Description: PGP signature


Reply to: