Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.66018
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2009:1513
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2009:1513.

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The CUPS pdftops filter converts Portable
Document Format (PDF) files to PostScript.

Two integer overflow flaws were found in the CUPS pdftops filter. An
attacker could create a malicious PDF file that would cause pdftops to
crash or, potentially, execute arbitrary code as the lp user if the file
was printed. (CVE-2009-3608, CVE-2009-3609)

Red Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608
issue.

Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues. After installing the
update, the cupsd daemon will be restarted automatically.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2009-1513.html
http://www.redhat.com/security/updates/classification/#moderate

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-3608
BugTraq ID: 36703
http://www.securityfocus.com/bid/36703
Debian Security Information: DSA-1941 (Google Search)
http://www.debian.org/security/2009/dsa-1941
Debian Security Information: DSA-2028 (Google Search)
http://www.debian.org/security/2010/dsa-2028
Debian Security Information: DSA-2050 (Google Search)
http://www.debian.org/security/2010/dsa-2050
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:287
http://www.mandriva.com/security/advisories?name=MDVSA-2009:334
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
http://www.ocert.org/advisories/ocert-2009-016.html
http://www.openwall.com/lists/oss-security/2009/12/01/1
http://www.openwall.com/lists/oss-security/2009/12/01/5
http://www.openwall.com/lists/oss-security/2009/12/01/6
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536
RedHat Security Advisories: RHSA-2009:1501
https://rhn.redhat.com/errata/RHSA-2009-1501.html
RedHat Security Advisories: RHSA-2009:1502
https://rhn.redhat.com/errata/RHSA-2009-1502.html
RedHat Security Advisories: RHSA-2009:1503
https://rhn.redhat.com/errata/RHSA-2009-1503.html
RedHat Security Advisories: RHSA-2009:1504
https://rhn.redhat.com/errata/RHSA-2009-1504.html
RedHat Security Advisories: RHSA-2009:1512
https://rhn.redhat.com/errata/RHSA-2009-1512.html
RedHat Security Advisories: RHSA-2009:1513
https://rhn.redhat.com/errata/RHSA-2009-1513.html
http://securitytracker.com/id?1023029
http://secunia.com/advisories/37028
http://secunia.com/advisories/37034
http://secunia.com/advisories/37037
http://secunia.com/advisories/37043
http://secunia.com/advisories/37051
http://secunia.com/advisories/37053
http://secunia.com/advisories/37054
http://secunia.com/advisories/37061
http://secunia.com/advisories/37077
http://secunia.com/advisories/37079
http://secunia.com/advisories/37114
http://secunia.com/advisories/37159
http://secunia.com/advisories/39327
http://secunia.com/advisories/39938
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1
SuSE Security Announcement: SUSE-SR:2009:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
http://www.ubuntu.com/usn/USN-850-1
http://www.ubuntu.com/usn/USN-850-3
http://www.vupen.com/english/advisories/2009/2924
http://www.vupen.com/english/advisories/2009/2925
http://www.vupen.com/english/advisories/2009/2926
http://www.vupen.com/english/advisories/2009/2928
http://www.vupen.com/english/advisories/2010/0802
http://www.vupen.com/english/advisories/2010/1220
XForce ISS Database: xpdf-objectstream-bo(53794)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53794
Common Vulnerability Exposure (CVE) ID: CVE-2009-3609
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8134
RedHat Security Advisories: RHSA-2009:1500
https://rhn.redhat.com/errata/RHSA-2009-1500.html
http://www.redhat.com/support/errata/RHSA-2010-0755.html
http://secunia.com/advisories/37023
XForce ISS Database: xpdf-imagestream-dos(53800)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53800
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.