Oval Definition:oval:org.mitre.oval:def:13273
Revision Date:2014-06-30Version:20
Title:USN-906-1 -- cups, cupsys vulnerabilities
Description:It was discovered that the CUPS scheduler did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. Ronald Volgers discovered that the CUPS lppasswd tool could be made to load localized message strings from arbitrary files by setting an environment variable. A local attacker could exploit this with a format-string vulnerability leading to a root privilege escalation. The default compiler options for Ubuntu 8.10, 9.04 and 9.10 should reduce this vulnerability to a denial of service
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-3553
CVE-2010-0302
CVE-2010-0393
USN-906-1
USN-906-1
Platform(s):Ubuntu 6.06
Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10
Product(s):cups
cupsys
Definition Synopsis
  • Release section
  • Ubuntu 8.04 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND cupsys-common DPKG is earlier than 1.3.7-1ubuntu3.8
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • cupsys-bsd DPKG is earlier than 1.3.7-1ubuntu3.8
  • OR cupsys-client DPKG is earlier than 1.3.7-1ubuntu3.8
  • OR libcupsimage2 DPKG is earlier than 1.3.7-1ubuntu3.8
  • OR libcupsimage2-dev DPKG is earlier than 1.3.7-1ubuntu3.8
  • OR libcupsys2-dev DPKG is earlier than 1.3.7-1ubuntu3.8
  • OR cupsys DPKG is earlier than 1.3.7-1ubuntu3.8
  • OR libcupsys2 DPKG is earlier than 1.3.7-1ubuntu3.8
  • OR Release section
  • Ubuntu 8.10 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • cupsys-bsd DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR cupsys-client DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR cupsys-dbg DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR cups-common DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR cupsys DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR libcupsys2 DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR libcupsys2-dev DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR cupsys-common DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • libcups2-dev DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR cups-bsd DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR libcupsimage2-dev DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR libcupsimage2 DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR cups-client DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR libcups2 DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR cups-dbg DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR cups DPKG is earlier than 1.3.9-2ubuntu9.5
  • OR Release section
  • Ubuntu 9.10 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • cupsddk DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cupsys-client DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cupsys-bsd DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cups-common DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cupsys DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cupsys-dbg DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cupsys-common DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • libcupscgi1 DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcups2-dev DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cups-bsd DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcupsmime1 DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcupsdriver1-dev DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcupsimage2-dev DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcupsimage2 DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cups-client DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcupsdriver1 DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcups2 DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cups-dbg DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cups-ppdc DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcupsppdc1 DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR cups DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcupsppdc1-dev DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcupscgi1-dev DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR libcupsmime1-dev DPKG is earlier than 1.4.1-5ubuntu2.4
  • OR Release section
  • Ubuntu 6.06 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND libcupsys2-gnutls10 DPKG is earlier than 1.2.2-0ubuntu0.6.06.17
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is amd64
  • OR Installed architecture is i386
  • AND Packages section
  • cupsys-bsd DPKG is earlier than 1.2.2-0ubuntu0.6.06.17
  • OR cupsys-client DPKG is earlier than 1.2.2-0ubuntu0.6.06.17
  • OR libcupsys2-dev DPKG is earlier than 1.2.2-0ubuntu0.6.06.17
  • OR libcupsimage2-dev DPKG is earlier than 1.2.2-0ubuntu0.6.06.17
  • OR libcupsimage2 DPKG is earlier than 1.2.2-0ubuntu0.6.06.17
  • OR cupsys DPKG is earlier than 1.2.2-0ubuntu0.6.06.17
  • OR libcupsys2 DPKG is earlier than 1.2.2-0ubuntu0.6.06.17
  • OR Release section
  • Ubuntu 9.04 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • cupsys-bsd DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR cupsys-client DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR cupsys-dbg DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR cups-common DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR cupsys DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR libcupsys2 DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR libcupsys2-dev DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR cupsys-common DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • libcups2-dev DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR cups-bsd DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR libcupsimage2-dev DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR libcupsimage2 DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR cups-client DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR libcups2 DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR cups-dbg DPKG is earlier than 1.3.9-17ubuntu3.6
  • OR cups DPKG is earlier than 1.3.9-17ubuntu3.6
  • BACK