Rapid7 Vulnerability & Exploit Database

CESA-2008:0192: cups security update

Free InsightVM Trial No credit card necessary
Watch Demo See how it all works
Back to Search

CESA-2008:0192: cups security update



The Common UNIX Printing System (CUPS) provides a portable printing layerfor UNIX(R) operating systems.A heap buffer overflow flaw was found in a CUPS administration interfaceCGI script. A local attacker able to connect to the IPP port (TCP port 631)could send a malicious request causing the script to crash or, potentially,execute arbitrary code as the "lp" user. Please note: the default CUPSconfiguration in Red Hat Enterprise Linux 5 does not allow remoteconnections to the IPP TCP port. (CVE-2008-0047)Red Hat would like to thank "regenrecht" for reporting this issue.This issue did not affect the versions of CUPS as shipped with Red HatEnterprise Linux 3 or 4.Two overflows were discovered in the HP-GL/2-to-PostScript filter. Anattacker could create a malicious HP-GL/2 file that could possibly executearbitrary code as the "lp" user if the file is printed. (CVE-2008-0053)A buffer overflow flaw was discovered in the GIF decoding routines used byCUPS image converting filters "imagetops" and "imagetoraster". An attackercould create a malicious GIF file that could possibly execute arbitrarycode as the "lp" user if the file was printed. (CVE-2008-1373)All cups users are advised to upgrade to these updated packages, whichcontain backported patches to resolve these issues.


  • centos-upgrade-cups
  • centos-upgrade-cups-devel
  • centos-upgrade-cups-libs
  • centos-upgrade-cups-lpd

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center