VUPEN Security - Fedora Security Update Fixes CUPS Multiple Remote Vulnerabilities / Exploit (Security Advisories)

	Contact \| Site en Français

VUPEN VNS v4.0

Features and Options

Free 14-Day Trial

Partner Program

Receive More Information

Latest Intelligence

VUPEN Security Advisories

Virus and Malware Alerts

VUPEN Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Fedora Security Update Fixes CUPS Multiple Remote Vulnerabilities

Title : Fedora Security Update Fixes CUPS Multiple Remote Vulnerabilities
VUPEN ID : VUPEN/ADV-2007-3879
CVE ID : CVE-2007-4045 - CVE-2007-4352 - CVE-2007-5392 - CVE-2007-5393
CWE ID : VUPEN VNS Only

CVSS V2 : VUPEN VNS Only

Rated as : High Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-11-16

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

Multiple vulnerabilities have been identified in Fedora, which could be exploited by attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by errors in CUPS. For additional information, see : VUPEN/ADV-2007-3775 - VUPEN/ADV-2007-3681

Affected Products

Fedora Core 6

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

a45388af589b242f76e7983900e2683ec5f2ffa2 SRPMS/cups-1.2.12-6.fc6.src.rpm
a45388af589b242f76e7983900e2683ec5f2ffa2 noarch/cups-1.2.12-6.fc6.src.rpm
d6dc0e56b7fa779ca39a3c6da4e5ec6688cc710a ppc/cups-1.2.12-6.fc6.ppc.rpm
26ad812abfb87324bf8db8b9acb193eff30096d1 ppc/cups-lpd-1.2.12-6.fc6.ppc.rpm
621f42f6431402fb2ad43063d5035ef85769b9dc ppc/cups-devel-1.2.12-6.fc6.ppc.rpm
ff653ae458b1cd7288b0cae6811095077618cf3f ppc/cups-libs-1.2.12-6.fc6.ppc.rpm
105479acb757753497a00fdccc8de478b73b022d ppc/debug/cups-debuginfo-1.2.12-6.fc6.ppc.rpm
3d9e39b7989f0c857d2965bb048e5ffc5937193a x86_64/cups-1.2.12-6.fc6.x86_64.rpm
e5c2120843a5894ec63c25541ca2ab50f7c934e1 x86_64/cups-lpd-1.2.12-6.fc6.x86_64.rpm
6a58a420784897f4887a0ae726ee11605101a480 x86_64/cups-devel-1.2.12-6.fc6.x86_64.rpm
ded1ff04e6b096ae1120e651b6a15dde2ed04f0b x86_64/debug/cups-debuginfo-1.2.12-6.fc6.x86_64.rpm
077eae49a331c491602b1adf585ed623dc199636 x86_64/cups-libs-1.2.12-6.fc6.x86_64.rpm
5f17138cfd35bdead1ee724fcb67f9262efd4c68 i386/cups-1.2.12-6.fc6.i386.rpm
60e38e2aff2028245735dddaede128b1d5b65d16 i386/cups-lpd-1.2.12-6.fc6.i386.rpm
24d65aa1a8536c388bc0b11e2cb53c8e87f42129 i386/cups-devel-1.2.12-6.fc6.i386.rpm
0e82b568a04687e905eba25488cf26640df2d124 i386/cups-libs-1.2.12-6.fc6.i386.rpm
a53b0d73f89f45d103cc91c204ffe73e32d11129 i386/debug/cups-debuginfo-1.2.12-6.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2007/3879
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00456.html

ChangeLog

2007-11-16 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts with CVE, CWE, and CVSS when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

VUPEN Vulnerability
Notification Service

Latest Advisories

>> 2010-03-15

Domain Verkaus and Auktions Portal "id" SQL Injection Vulnerability

>> 2010-03-15

deV!Lz Clanportal "basePath" Parameter File Inclusion Vulnerability

>> 2010-03-15

PhpMyLogon "username" Parameter Remote SQL Injection Vulnerability

>> 2010-03-15

Azeno CMS "id" Parameter Remote SQL Injection Vulnerability

>> 2010-03-15

Geekhelps ADMP SQL Injection and Local File Inclusion Vulnerabilities

More Informations