French Security Incident Response Team

FrSIRT   

      

   français French  anglais English

 
Vulnerability Notification Service
 FrSIRT Private Exploit & PoC Codes Service
 FrSIRT Partner Program
 14-Day Free Trial
Contact FrSIRT Sales Dept.
 

Security Advisories
Linux Security Advisories
Virus and Threats Advisories
Latest Security News
Latest Zero Day Threats
Security Vulnerabilities and Advisories Search Engine
 

Report a security incident
Report a new vulnerability
Security Mailinglist
 

Our Company
FrSIRT in the News
Advertise on FrSIRT.COM
Security Researchers and Exploit Writers Jobs
Contact Us

Fedora Security Update Fixes Multiple CUPS Buffer Overflow Issues

Title : Fedora Security Update Fixes Multiple CUPS Buffer Overflow Issues
Advisory ID : FrSIRT/ADV-2006-0069
CVE ID : CVE-2005-3625 - CVE-2005-3626 - CVE-2005-3627
Rated as : High Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-01-06

Advisory Details
 
  Description
  Affected Products
  Solution
  References
Technical Description    Receive FrSIRT alerts in a Text format  Receive FrSIRT alerts in a PDF format  Receive FrSIRT alerts in an XML format  Receive FrSIRT notifications by SMS 

Fedora has released updated packages to address multiple vulnerabilities identified in Cups [...]

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

b65393b6e832e37cd45944fa1fcb2f9f SRPMS/cups-1.1.23-15.3.src.rpm
02eadf80e0cfb528185e0b9274077006 ppc/cups-1.1.23-15.3.ppc.rpm
e2cb40aef49d878dd26d5f03cb1fd01e ppc/cups-devel-1.1.23-15.3.ppc.rpm
a5435a5bcfffa902385e459d87a497c6 ppc/cups-libs-1.1.23-15.3.ppc.rpm
2de63386f71fc3c04f698b7c72c1dba8 ppc/cups-lpd-1.1.23-15.3.ppc.rpm
43eb8850d0fafe3de68878b6f8daf77a ppc/debug/cups-debuginfo-1.1.23-15.3.ppc.rpm
a6ad7b471609dc51991518fff8d3cf60 ppc/cups-libs-1.1.23-15.3.ppc64.rpm
8742299c1f7299076bb2b3981fff4c98 x86_64/cups-1.1.23-15.3.x86_64.rpm
bd297bc78d37c1b460d1c9e43230ca69 x86_64/cups-devel-1.1.23-15.3.x86_64.rpm
6ac6c13e86d1305d9bcf9a319e78e4c2 x86_64/cups-libs-1.1.23-15.3.x86_64.rpm
40c906f6e51a7e80053d20ed3cd46db0 x86_64/cups-lpd-1.1.23-15.3.x86_64.rpm
ba48481077a96a3e2ba2aa8a45b3af62 x86_64/debug/cups-debuginfo-1.1.23-15.3.x86_64.rpm
dd421fc881b169edd6eeb4dd066c86b2 x86_64/cups-libs-1.1.23-15.3.i386.rpm
e4de7feac1df02a425ab3efa6144f4ff i386/cups-1.1.23-15.3.i386.rpm
3e11e02156acc1ab98c39e81eaa94845 i386/cups-devel-1.1.23-15.3.i386.rpm
dd421fc881b169edd6eeb4dd066c86b2 i386/cups-libs-1.1.23-15.3.i386.rpm
2b0df8e6199debab3a3715b643b4b504 i386/cups-lpd-1.1.23-15.3.i386.rpm
4f1b9c6b9a2455ed4e4f0a6531a5a006 i386/debug/cups-debuginfo-1.1.23-15.3.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

e4863c8e84bd2e0be139cf9c9b981c7d SRPMS/cups-1.1.22-0.rc1.8.9.src.rpm
61f09f282d5d6d06c313d7b2a6d4a01d x86_64/cups-1.1.22-0.rc1.8.9.x86_64.rpm
0a1c9a3519066b1722f2f68f441ce135 x86_64/cups-devel-1.1.22-0.rc1.8.9.x86_64.rpm
5b704b556030ef26c76d866812161aa8 x86_64/cups-libs-1.1.22-0.rc1.8.9.x86_64.rpm
2451f45b1e738ece7af8d7dd9caf6b47 x86_64/debug/cups-debuginfo-1.1.22-0.rc1.8.9.x86_64.rpm
bb9815d2bc773c35dc61c429b77454c8 x86_64/cups-libs-1.1.22-0.rc1.8.9.i386.rpm
7a71e7c01a6ef6d50dc39e78b50496de i386/cups-1.1.22-0.rc1.8.9.i386.rpm
c8f38a36664e624ae521e76867ac1467 i386/cups-devel-1.1.22-0.rc1.8.9.i386.rpm
bb9815d2bc773c35dc61c429b77454c8 i386/cups-libs-1.1.22-0.rc1.8.9.i386.rpm
3f5ca45efebf5218f43faaaebb42f39e i386/debug/cups-debuginfo-1.1.22-0.rc1.8.9.i386.rpm

ChangeLog

2006-01-06 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
 
 

Search
      

Mailinglist
    
 

Mozilla Products Code Execution and Security Bypass Vulnerabilities

Mozilla Firefox Shortcut Handlingg Information Disclosure Vulnerability

Mozilla Products Code Execution and Security Bypass Vulnerabilities

Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability

Mozilla Products Remote Code Execution and Security Bypass Issues

Mozilla Products Code Execution and Injection Vulnerabilities

Mozilla JavaScript Garbage Collector Code Execution Vulnerability

Oracle and BEA Products Multiple Code Execution Vulnerabilities

Oracle Products Multiple Code Execution and Security Bypass Issues

Oracle Products Command Execution and SQL Injection Vulnerabilities

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability

Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities

Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities

Sun Logical Domain Manager Local Privilege Escalation Vulnerability

Sun StarOffice/StarSuite EMF Handling Buffer Overflow Vulnerability

Sun Java Messaging Server Cross Site Scripting Vulnerability

Sun Solaris IP Filter NAT Service DNS Cache Poisoning Vulnerability

Sun Java System Identity Manager Security Bypass Vulnerabilities

Sun Solaris DHCP Buffer Overflow and Denial of Service

Sun Solstice X.25 "/dev/xty" Local Denial of Service Vulnerability

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy