Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.50722 |
Kategorie: | Mandrake Local Security Checks |
Titel: | Mandrake Security Advisory MDKSA-2003:062 (cups) |
Zusammenfassung: | NOSUMMARY |
Beschreibung: | Description: The remote host is missing an update to cups announced via advisory MDKSA-2003:062. A Denial of Service (DoS) vulnerability was discovered in the CUPS printing system by Phil D'Amore of Red Hat. The IPP (Internet Printing Protocol) that CUPS uses is single-threaded and can only service one request at a time. A malicious user could create a partial request that does not time out and cause a Denial of Service condition where CUPS will not respond to other printing requests. This can only be done if the malicious user can create a TCP connection to the IPP port (631 by default). This vulnerability has been fixed upstream in CUPS 1.1.19 and packages of previous versions have been fixed to correct the problem. Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1, Multi Network Firewall 8.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0195 Risk factor : Medium CVSS Score: 5.0 |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2003-0195 BugTraq ID: 7637 http://www.securityfocus.com/bid/7637 Bugtraq: 20030529 [slackware-security] CUPS DoS vulnerability fixed (SSA:2003-149-01) (Google Search) http://marc.info/?l=bugtraq&m=105427288724449&w=2 Conectiva Linux advisory: CLSA-2003:678 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000678 Debian Security Information: DSA-317 (Google Search) http://www.debian.org/security/2003/dsa-317 http://www.mandriva.com/security/advisories?name=MDKSA-2003:062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6 http://www.redhat.com/support/errata/RHSA-2003-171.html SuSE Security Announcement: SuSE-SA:2003:028 (Google Search) http://www.novell.com/linux/security/advisories/2003_028.html TurboLinux Advisory: TLSA-2003-33 http://www.turbolinux.com/security/TLSA-2003-33.txt |
Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |