Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0882

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-0882
Last Modified 07 Mar 2011 10:05:36
Published 21 Feb 2008 02:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0882

Summary

Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Cups 1.3.5


References

FEDORA - FEDORA-2008-1976

FEDORA - FEDORA-2008-1901

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=433758

VUPEN - ADV-2008-0924

VUPEN - ADV-2008-0623

SECTRACK - 1019473

BID - 27906

REDHAT - RHSA-2008:0157

MANDRIVA - MDVSA-2008:051

MANDRIVA - MDVSA-2008:050

CONFIRM - http://www.cups.org/str.php?L2656

SECUNIA - 29251

SECUNIA - 29132

SECUNIA - 29120

SECUNIA - 29067

SECUNIA - 28994

SUSE - SUSE-SA:2008:012

UBUNTU - USN-598-1

DEBIAN - DSA-1530

GENTOO - GLSA-200804-01

SECUNIA - 29634

SECUNIA - 29603

SECUNIA - 29485

SECUNIA - 29420

APPLE - APPLE-SA-2008-03-18

CONFIRM - http://docs.info.apple.com/article.html?artnum=307562

Related Patches

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Leopard)

Apple 2008-03-26 Security Update 2008-002 v1.1 Server (Leopard) (Rev 2)

Apple 2008-03-26 Security Update 2008-002 v1.1 Client (Leopard) (Rev 2)


Last Updated: 27 May 2016 10:46:58