Rapid7 Vulnerability & Exploit Database

RHSA-2002:032: Updated cups packages are available

Back to Search

RHSA-2002:032: Updated cups packages are available

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
03/08/2002
Created
07/25/2018
Added
03/24/2010
Modified
07/04/2017

Description

Updated cups packages which fix a security problem are available.

The Common UNIX Printing System, CUPS, provides a portable printing layer. A buffer overflow in the ippRead function of CUPS before version 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values. These errata packages upgrade CUPS to version 1.1.14 which is not vulnerable to this issue. All users of CUPS should upgrade to these packages as soon as possible. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0063 to this issue.

Solution(s)

  • redhat-upgrade-cups
  • redhat-upgrade-cups-devel

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;