VARIoT IoT vulnerabilities database
| VAR-201003-0360 | CVE-2010-0939 | Visialis ABB Forum Database download vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Visialis ABB Forum 1.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for fpdb/abb.mdb
| VAR-201003-0151 | CVE-2010-0103 |
Energizer DUO USB Battery Charger Unauthorized Access Vulnerability
Related entries in the VARIoT exploits database: VAR-E-201003-0761 |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
UsbCharger.dll in the Energizer DUO USB battery charger software contains a backdoor that is implemented through the Arucer.dll file in the %WINDIR%\system32 directory, which allows remote attackers to download arbitrary programs onto a Windows PC, and execute these programs, via a request to TCP port 7777. Energizer DUO is a fast USB charger. Energizer DUO has a security vulnerability in its implementation that could allow an attacker to list arbitrary directories, send and receive files, and execute arbitrary code. ----------------------------------------------------------------------
Use WSUS to deploy 3rd party patches
Public BETA
http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/
----------------------------------------------------------------------
TITLE:
Energizer DUO Charger Software Backdoor Security Issue
SECUNIA ADVISORY ID:
SA38894
VERIFY ADVISORY:
http://secunia.com/advisories/38894/
DESCRIPTION:
A security issue has been reported in Energizer DUO Charger Software,
which can be exploited by malicious people to compromise a vulnerable
system.
The security issue is caused due to a backdoor (Arucer.dll) placed in
the Windows system32 directory by the installer software. This can be
exploited to e.g.
NOTE: The backdoor is configured to start automatically on system
start.
SOLUTION:
Uninstall the software and remove "Arucer.dll" from the Windows
system32 directory.
PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Ed Schaller.
ORIGINAL ADVISORY:
VU#154421:
http://www.kb.cert.org/vuls/id/154421
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201003-0321 | CVE-2010-0962 |
Apple AirPort Express Such as FTP Intranet on proxy server FTP From the server TCP Vulnerability to be transferred
Related entries in the VARIoT exploits database: VAR-E-201003-0567 |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command. Multiple Apple wireless products are prone to a security-bypass vulnerability.
An attacker can exploit this issue to perform anonymous port scans on a victim's computer and send unsolicited emails and news. Other attacks are also possible.
The following products are affected:
Airport Express Firmware version 7.5
Airport Extreme Firmware version 7.5
Time Capsule Firmware version 7.5
Other products and versions may also be affected. An Apple AirPort device is a wireless access point that provides 802.11 services to network clients. The direct impact of this vulnerability is that for Airpor products that provide NAT to internal clients, users who can access the external forwarded FTP ports of these products can perform FTP server operations within the NAT by sending data to arbitrary addresses and ports
| VAR-201003-0527 | No CVE | Orb Networks Orb Direct Show Filter MP3 File Divide Denial of Service Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
Orb Networks Orb is a live streaming TV solution. Orb Networks Orb Direct Show filters have a divide-by-zero error when dealing with malformed '.mp3' files, and remote attackers can exploit the vulnerability to crash an application.
| VAR-201003-0114 | CVE-2009-3032 | Autonomy KeyView Filter SDK of kvolefio.dll Integer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow. Autonomy KeyView module is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.
Exploiting this issue will allow an attacker to corrupt memory and cause denial-of-service conditions and may potentially allow the execution of arbitrary code in the context of an application using the module.
Multiple products using the KeyView module are affected, including:
Symantec Mail Security for Domino
Symantec Mail Security for Microsoft Exchange
Symantec Mail Security for SMTP
Symantec Brightmail Gateway
Symantec Data Loss Prevention Detection Servers
Symantec Data Loss Prevention Endpoint Agents
Symantec IM Manager. KeyView is a software package for exporting, converting and viewing files in various formats.
For more information:
SA38797
SOLUTION:
Please see the vendor's advisory for a list of fixes. iDefense Security Advisory 03.04.10
http://labs.idefense.com/intelligence/vulnerabilities/
Mar 04, 2010
I. BACKGROUND
Autonomy KeyView SDK is a commercial SDK that provides many file format
parsing libraries. It supports a large number of different document
formats. KeyView is used by several popular vendors for processing
documents. For more information, visit the URLs referenced below.
http://www.autonomy.com/
II.
This vulnerability occurs when processing specially crafted documents.
When processing such a document, the software reads an integer value
from the file and uses this integer, without validation, in an
arithmetic operation to calculate the amount of memory to allocate. If
a sufficiently large number is supplied, the calculation overflows,
resulting in a buffer of insufficient size being allocated. The
software then proceeds to copy data into this under-sized buffer. This
results in an exploitable heap buffer overflow condition.
III. ANALYSIS
Exploitation of this vulnerability results in the execution of arbitrary
code with the privileges of the targeted application. In order to
exploit this vulnerability, an attacker must cause a specially crafted
OLE file to be processed by an application using the Autonomy KeyView
SDK. This includes file types such as PowerPoint, Excel, Word, as well
as other document formats.
The amount of user interaction required is tied to the way in which the
KeyView SDK is used. In cases such as Lotus Notes, this requires that
an attacker convince a user to view an e-mail attachment; however, in
other cases, processing may take place automatically as a document is
examined.
The privileges that an attacker gains may be different for each
application that uses the KeyView SDK. For example, exploiting this
issue via Lotus Notes yields the current user's privileges while
exploiting the vulnerability via Symantec Mail Security yields SYSTEM
privileges.
IV. All applications that utilize
Autonomy's KeyView SDK to process untrusted content are also believed
to be vulnerable.
V. WORKAROUND
For Symantec Mail Security, disabling "content filtering" will prevent
exploitation.
Unfortunately, disabling the affected "kvolefio.dll" library causes
additional issues. Working around this issue by disabling filters would
require all filters that utilize this module to be disabled. It is not
clear at this time if this is even possible. iDefense will update this
workaround once more information has been received from the vendor(s).
VI. VENDOR RESPONSE
Symantec Corporation has released a solution which addresses this issue.
Information about downloadable vendor updates can be found by clicking
on the URLs shown.
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2009-3032 to this issue. This is a candidate for inclusion in
the CVE list (http://cve.mitre.org/), which standardizes names for
security problems.
VIII. DISCLOSURE TIMELINE
09/28/2009 Initial Vendor Notification
09/28/2009 Initial Vendor Reply
03/04/2010 Coordinated Public Disclosure
IX. CREDIT
This vulnerability was discovered by Joshua J. Drake of iDefense Labs.
Get paid for vulnerability research
http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events
http://labs.idefense.com/
X. LEGAL NOTICES
Copyright \xa9 2010 iDefense, Inc.
Permission is granted for the redistribution of this alert
electronically. It may not be edited in any way without the express
written consent of iDefense. If you wish to reprint the whole or any
part of this alert in any other medium other than electronically,
please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate
at the time of publishing based on currently available information. Use
of the information constitutes acceptance for use in an AS IS condition.
There are no warranties with regard to this information. Neither the
author nor the publisher accepts any liability for any direct,
indirect, or consequential loss or damage arising from use of, or
reliance on, this information. ----------------------------------------------------------------------
Use WSUS to deploy 3rd party patches
Public BETA
http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/
----------------------------------------------------------------------
TITLE:
Autonomy KeyView OLE File Parsing Integer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA38797
VERIFY ADVISORY:
http://secunia.com/advisories/38797/
DESCRIPTION:
iDefense Labs has reported a vulnerability in Autonomy KeyView, which
can be exploited by malicious people to compromise a vulnerable
system.
The vulnerability is reported in version 10.5. Other versions may
also be affected.
SOLUTION:
Do not open OLE files in applications using the vulnerable library.
ORIGINAL ADVISORY:
iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor
| VAR-201003-0247 | CVE-2010-0573 | Cisco Digital Media Player Vulnerability in hijacking source of data for display |
CVSS V2: 8.5 CVSS V3: - Severity: HIGH |
Unspecified vulnerability on the Cisco Digital Media Player before 5.2 allows remote attackers to hijack the source of (1) video or (2) data for a display via unknown vectors, related to a "content injection" issue, aka Bug ID CSCtc46024.
This issue is documented by Cisco Bug ID CSCtc46024. This vulnerability is related to "content injection".
ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmp.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Cisco has released free software updates that address this
vulnerability. There are no workarounds available to mitigate this
vulnerability.
This additional advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmp.shtml. This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml.
Products Confirmed Not Vulnerable
+--------------------------------
No other Cisco products are currently known to be affected by this
vulnerability.
Details
=======
Cisco Digital Media Players are IP-based endpoints that can play
high-definition live and on-demand video, motion graphics, web pages,
and dynamic content on digital displays.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerability in this advisory based
on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in
this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of the
vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS
at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
* CSCtc46024 ("Remote Display Unauthorized Content Injection")
CVSS Base Score - 8.5
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - Partial
Availability Impact - Complete
CVSS Temporal Score - 7.0
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerability could allow an
unauthenticated attacker to inject video or data content into a remote
display.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to determine
exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
Workarounds
===========
There are no workarounds to mitigate this vulnerability.
Obtaining Fixed Software
========================
Cisco has released free software updates that address this
vulnerability. Prior to deploying software, customers should consult
their maintenance provider or check the software for feature set
compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature
sets they have purchased. By installing, downloading, accessing
or otherwise using such software upgrades, customers agree to be
bound by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through their
regular update channels. For most customers, this means that upgrades
should be obtained through the Software Center on Cisco's worldwide
website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through prior
or existing agreements with third-party support organizations, such
as Cisco Partners, authorized resellers, or service providers should
contact that support organization for guidance and assistance with the
appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or fix
is the most appropriate for use in the intended network before it is
deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco service
contract, and customers who purchase through third-party vendors but are
unsuccessful in obtaining fixed software through their point of sale
should acquire upgrades by contacting the Cisco Technical Assistance
Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to a
free upgrade. Free upgrades for non-contract customers must be requested
through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerability described in this advisory.
This vulnerability was reported to Cisco by the National Australia
Bank's Security Assurance team. Cisco PSIRT appreciates the opportunity
to work with researchers on security vulnerabilities and welcomes the
opportunity to review and assist in product reports.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY
ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits
the distribution URL in the following section is an uncontrolled copy,
and may lack important information or contain factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmp.shtml
In addition to worldwide web posting, a text version of this notice is
clear-signed with the Cisco PSIRT PGP key and is posted to the following
e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on mailing
lists or newsgroups. Users concerned about this problem are encouraged
to check the above URL for any updates.
Revision History
================
+------------------------------------------------------------+
| Revision 1.0 | 2010-March-03 | Initial public release. |
+------------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities
in Cisco products, obtaining assistance with security
incidents, and registering to receive security information
from Cisco, is available on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html.
This includes instructions for press inquiries regarding
Cisco security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt.
+--------------------------------------------------------------------
Copyright 2008-2010 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
Updated: Mar 03, 2010 Document ID: 111581
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkuOjF4ACgkQ86n/Gc8U/uCUKACfR1133h3yjcO2tcC3GhqcNzl/
QXEAn1Y2q2puMB4cy66mASmtOZdZE0pb
=hJcI
-----END PGP SIGNATURE-----
| VAR-201003-0244 | CVE-2010-0570 | Cisco DMM Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378. Cisco Digital Media Manager (DMM) is prone to a remote authentication-bypass vulnerability.
Successful exploits allow remote attackers to gain access to the vulnerable application.
This issue is being tracked by Cisco bug ID CSCta03378. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Digital
Media Manager
Advisory ID: cisco-sa-20100303-dmm
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml
Revision 1.0
For Public Release 2010 March 03 1600 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Multiple vulnerabilities exist in the Cisco Digital Media Manager
(DMM). This security advisory outlines details of the following
vulnerabilities:
* Default credentials
* Privilege escalation vulnerability
* Information leakage vulnerability
These vulnerabilities are independent of each other.
There are no workarounds that can mitigate any of these vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml. This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmp.shtml.
Affected Products
=================
Vulnerable Products
+------------------
The following is a list of the products affected by each vulnerability
as described in detail within this advisory.
Default Credentials
+------------------
Cisco DMM versions 5.0.x and 5.1.x are affected by this vulnerability.
Cisco DMM versions 4.x are not vulnerable.
Privilege Escalation Vulnerability
+---------------------------------
Cisco DMM versions 5.0.x and 5.1.x are affected by this vulnerability.
Cisco DMM versions 4.x are not vulnerable.
Information Leakage Vulnerability
+--------------------------------
All Cisco DMM releases earler than 5.2 are affected by this
vulnerability.
Products Confirmed Not Vulnerable
+--------------------------------
No other Cisco products are currently known to be affected by these
vulnerabilities. This security
advisory describes multiple distinct vulnerabilities in the Cisco DMM.
These vulnerabilities are independent of each other.
Default Credentials
+------------------
Cisco DMM versions earler than 5.2 have default credentials that could
allow an attacker full control of the installed web applications,
including settings, status, and deployment.
Privilege Escalation Vulnerability
+---------------------------------
A vulnerability exists in Cisco DMM versions 5.0.x and 5.1.x that could
allow authenticated, but unauthorized users to change the configuration
and obtain full access of the device.
The Cisco Digital Media Player is an IP-based endpoint that can play
high-definition live and on-demand video, motion graphics, web pages,
and dynamic content on digital displays.
A vulnerability exists in all Cisco DMM versions earler than 5.2 that
could allow authenticated but unauthorized users to view Cisco Digital
Media Player user credentials and LDAP credentials (if configured) in
error log messages and stack traces.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory based
on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in
this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of the
vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS
at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss
* CSCta03378 ("Default password for Tomcat administration account")
CVSS Base Score - 10.0
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 8.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtc46008 ("Privilege Escalation on DMM")
CVSS Base Score - 8.5
Access Vector - Network
Access Complexity - Medium
Authentication - Single
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 8.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtc46050 ("Potential Information Leakage within Stack Trace")
CVSS Base Score - 7.1
Access Vector - Network
Access Complexity - High
Authentication - Single
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 8.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the default credentials vulnerability could
allow an attacker to change the settings, status, and deployment of the
installed web applications.
Successful exploitation of the privilege escalation vulnerability could
allow authenticated, but unauthorized users to change the configuration
and obtain full access of the device.
Successful exploitation of the information leakage vulnerability could
allow authenticated but unauthorized users to view Cisco Digital Media
Player user credentials and LDAP credentials (if configured) in error
log messages and stack traces.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to determine
exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
All of the vulnerabilities described in this security advisory have been
fixed in Cisco DMM version 5.2.
Workarounds
===========
There are no workarounds that can mitigate any of these vulnerabilities.
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should consult
their maintenance provider or check the software for feature set
compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature
sets they have purchased. By installing, downloading, accessing
or otherwise using such software upgrades, customers agree to be
bound by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software
upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through their
regular update channels. For most customers, this means that upgrades
should be obtained through the Software Center on Cisco's worldwide
website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through prior
or existing agreements with third-party support organizations, such
as Cisco Partners, authorized resellers, or service providers should
contact that support organization for guidance and assistance with the
appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or fix
is the most appropriate for use in the intended network before it is
deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco service
contract, and customers who purchase through third-party vendors but are
unsuccessful in obtaining fixed software through their point of sale
should acquire upgrades by contacting the Cisco Technical Assistance
Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to a
free upgrade. Free upgrades for non-contract customers must be requested
through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerability described in this advisory.
The privilege escalation and information leakage vulnerabilities were
reported to Cisco by the National Australia Bank's Security Assurance
team. Cisco PSIRT appreciates the opportunity to work with researchers
on security vulnerabilities and welcomes the opportunity to review and
assist in product reports.
The default credentials vulnerability was found during internal testing.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY
ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits
the distribution URL in the following section is an uncontrolled copy,
and may lack important information or contain factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml
In addition to worldwide web posting, a text version of this notice is
clear-signed with the Cisco PSIRT PGP key and is posted to the following
e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on mailing
lists or newsgroups. Users concerned about this problem are encouraged
to check the above URL for any updates.
Revision History
================
+------------------------------------------------------------+
| Revision 1.0 | 2010-March-03 | Initial public release. |
+------------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities
in Cisco products, obtaining assistance with security
incidents, and registering to receive security information
from Cisco, is available on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html.
This includes instructions for press inquiries regarding
Cisco security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt.
+--------------------------------------------------------------------
Copyright 2008-2010 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
Updated: Mar 03, 2010 Document ID: 111578
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkuOjE4ACgkQ86n/Gc8U/uCFpwCfcp7+AY14yxLSckn7zVMC5OVi
OGoAn3hXETajNW66WM77qj8bhQ3p5Fm9
=xmBv
-----END PGP SIGNATURE-----
.
Successful exploitation of vulnerabilities #1 and #2 requires
authentication.
3) A security issue exists due to default credentials in the
underlying Tomcat application, which can be exploited to gain
administrative access to the application.
The vulnerability is reported in versions prior to 5.2
SOLUTION:
Update to version 5.2.
ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor
| VAR-201003-0245 | CVE-2010-0571 | Cisco DMM Vulnerable to gaining privileges |
CVSS V2: 8.5 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x allows remote authenticated users to gain privileges via unknown vectors, and consequently execute arbitrary code via a crafted web application, aka Bug ID CSCtc46008. This issue is tracked by Cisco Bug ID CSCtc46008.
An authenticated attacker can exploit this issue to modify application configuration settings, gaining elevated privileges. This may lead to a full compromise of the affected computer or aid in further attacks.
Cisco Digital Media Manager 5.0 and 5.1 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Digital
Media Manager
Advisory ID: cisco-sa-20100303-dmm
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml
Revision 1.0
For Public Release 2010 March 03 1600 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Multiple vulnerabilities exist in the Cisco Digital Media Manager
(DMM). This security advisory outlines details of the following
vulnerabilities:
* Default credentials
* Privilege escalation vulnerability
* Information leakage vulnerability
These vulnerabilities are independent of each other.
There are no workarounds that can mitigate any of these vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml. This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmp.shtml.
Affected Products
=================
Vulnerable Products
+------------------
The following is a list of the products affected by each vulnerability
as described in detail within this advisory.
Default Credentials
+------------------
Cisco DMM versions 5.0.x and 5.1.x are affected by this vulnerability.
Cisco DMM versions 4.x are not vulnerable.
Cisco DMM versions 4.x are not vulnerable.
Information Leakage Vulnerability
+--------------------------------
All Cisco DMM releases earler than 5.2 are affected by this
vulnerability.
Products Confirmed Not Vulnerable
+--------------------------------
No other Cisco products are currently known to be affected by these
vulnerabilities. This security
advisory describes multiple distinct vulnerabilities in the Cisco DMM.
These vulnerabilities are independent of each other.
Default Credentials
+------------------
Cisco DMM versions earler than 5.2 have default credentials that could
allow an attacker full control of the installed web applications,
including settings, status, and deployment.
Privilege Escalation Vulnerability
+---------------------------------
A vulnerability exists in Cisco DMM versions 5.0.x and 5.1.x that could
allow authenticated, but unauthorized users to change the configuration
and obtain full access of the device.
The Cisco Digital Media Player is an IP-based endpoint that can play
high-definition live and on-demand video, motion graphics, web pages,
and dynamic content on digital displays.
A vulnerability exists in all Cisco DMM versions earler than 5.2 that
could allow authenticated but unauthorized users to view Cisco Digital
Media Player user credentials and LDAP credentials (if configured) in
error log messages and stack traces.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory based
on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in
this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of the
vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS
at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss
* CSCta03378 ("Default password for Tomcat administration account")
CVSS Base Score - 10.0
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 8.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtc46008 ("Privilege Escalation on DMM")
CVSS Base Score - 8.5
Access Vector - Network
Access Complexity - Medium
Authentication - Single
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 8.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtc46050 ("Potential Information Leakage within Stack Trace")
CVSS Base Score - 7.1
Access Vector - Network
Access Complexity - High
Authentication - Single
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 8.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the default credentials vulnerability could
allow an attacker to change the settings, status, and deployment of the
installed web applications.
Successful exploitation of the privilege escalation vulnerability could
allow authenticated, but unauthorized users to change the configuration
and obtain full access of the device.
Successful exploitation of the information leakage vulnerability could
allow authenticated but unauthorized users to view Cisco Digital Media
Player user credentials and LDAP credentials (if configured) in error
log messages and stack traces.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to determine
exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
All of the vulnerabilities described in this security advisory have been
fixed in Cisco DMM version 5.2.
Workarounds
===========
There are no workarounds that can mitigate any of these vulnerabilities.
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should consult
their maintenance provider or check the software for feature set
compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature
sets they have purchased. By installing, downloading, accessing
or otherwise using such software upgrades, customers agree to be
bound by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software
upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through their
regular update channels. For most customers, this means that upgrades
should be obtained through the Software Center on Cisco's worldwide
website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through prior
or existing agreements with third-party support organizations, such
as Cisco Partners, authorized resellers, or service providers should
contact that support organization for guidance and assistance with the
appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or fix
is the most appropriate for use in the intended network before it is
deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco service
contract, and customers who purchase through third-party vendors but are
unsuccessful in obtaining fixed software through their point of sale
should acquire upgrades by contacting the Cisco Technical Assistance
Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to a
free upgrade. Free upgrades for non-contract customers must be requested
through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerability described in this advisory. Cisco PSIRT appreciates the opportunity to work with researchers
on security vulnerabilities and welcomes the opportunity to review and
assist in product reports.
The default credentials vulnerability was found during internal testing.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY
ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits
the distribution URL in the following section is an uncontrolled copy,
and may lack important information or contain factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml
In addition to worldwide web posting, a text version of this notice is
clear-signed with the Cisco PSIRT PGP key and is posted to the following
e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on mailing
lists or newsgroups. Users concerned about this problem are encouraged
to check the above URL for any updates.
Revision History
================
+------------------------------------------------------------+
| Revision 1.0 | 2010-March-03 | Initial public release. |
+------------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities
in Cisco products, obtaining assistance with security
incidents, and registering to receive security information
from Cisco, is available on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html.
This includes instructions for press inquiries regarding
Cisco security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt.
+--------------------------------------------------------------------
Copyright 2008-2010 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
Updated: Mar 03, 2010 Document ID: 111578
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkuOjE4ACgkQ86n/Gc8U/uCFpwCfcp7+AY14yxLSckn7zVMC5OVi
OGoAn3hXETajNW66WM77qj8bhQ3p5Fm9
=xmBv
-----END PGP SIGNATURE-----
.
Successful exploitation of vulnerabilities #1 and #2 requires
authentication.
3) A security issue exists due to default credentials in the
underlying Tomcat application, which can be exploited to gain
administrative access to the application.
The vulnerability is reported in versions prior to 5.2
SOLUTION:
Update to version 5.2.
ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor
| VAR-201003-0246 | CVE-2010-0572 | Cisco Digital Media Manager Information Disclosure Vulnerability |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Digital Media Player credentials via vectors related to reading a (1) error log or (2) stack trace, aka Bug ID CSCtc46050.
An attacker can exploit this vulnerability to view other users' credentials, which may aid in the complete compromise of affected applications. This security advisory outlines details of the following
vulnerabilities:
* Default credentials
* Privilege escalation vulnerability
* Information leakage vulnerability
These vulnerabilities are independent of each other.
There are no workarounds that can mitigate any of these vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml. This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmp.shtml.
Affected Products
=================
Vulnerable Products
+------------------
The following is a list of the products affected by each vulnerability
as described in detail within this advisory.
Privilege Escalation Vulnerability
+---------------------------------
Cisco DMM versions 5.0.x and 5.1.x are affected by this vulnerability.
Information Leakage Vulnerability
+--------------------------------
All Cisco DMM releases earler than 5.2 are affected by this
vulnerability.
Products Confirmed Not Vulnerable
+--------------------------------
No other Cisco products are currently known to be affected by these
vulnerabilities. This security
advisory describes multiple distinct vulnerabilities in the Cisco DMM.
These vulnerabilities are independent of each other.
Default Credentials
+------------------
Cisco DMM versions earler than 5.2 have default credentials that could
allow an attacker full control of the installed web applications,
including settings, status, and deployment.
This vulnerability is documented in Cisco Bug ID CSCta03378 and has
been assigned Common Vulnerabilities and Exposures (CVE) identifier
CVE-2010-0570.
Privilege Escalation Vulnerability
+---------------------------------
A vulnerability exists in Cisco DMM versions 5.0.x and 5.1.x that could
allow authenticated, but unauthorized users to change the configuration
and obtain full access of the device.
This vulnerability is documented in Cisco Bug ID CSCtc46008 and has
been assigned Common Vulnerabilities and Exposures (CVE) identifier
CVE-2010-0571.
The Cisco Digital Media Player is an IP-based endpoint that can play
high-definition live and on-demand video, motion graphics, web pages,
and dynamic content on digital displays.
This vulnerability is documented in Cisco Bug ID CSCtc46050 and has
been assigned Common Vulnerabilities and Exposures (CVE) identifier
CVE-2010-0572.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory based
on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in
this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of the
vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS
at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss
* CSCta03378 ("Default password for Tomcat administration account")
CVSS Base Score - 10.0
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 8.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtc46008 ("Privilege Escalation on DMM")
CVSS Base Score - 8.5
Access Vector - Network
Access Complexity - Medium
Authentication - Single
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 8.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtc46050 ("Potential Information Leakage within Stack Trace")
CVSS Base Score - 7.1
Access Vector - Network
Access Complexity - High
Authentication - Single
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 8.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the default credentials vulnerability could
allow an attacker to change the settings, status, and deployment of the
installed web applications.
Successful exploitation of the privilege escalation vulnerability could
allow authenticated, but unauthorized users to change the configuration
and obtain full access of the device.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to determine
exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
All of the vulnerabilities described in this security advisory have been
fixed in Cisco DMM version 5.2.
Workarounds
===========
There are no workarounds that can mitigate any of these vulnerabilities.
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should consult
their maintenance provider or check the software for feature set
compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature
sets they have purchased. By installing, downloading, accessing
or otherwise using such software upgrades, customers agree to be
bound by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software
upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through their
regular update channels. For most customers, this means that upgrades
should be obtained through the Software Center on Cisco's worldwide
website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through prior
or existing agreements with third-party support organizations, such
as Cisco Partners, authorized resellers, or service providers should
contact that support organization for guidance and assistance with the
appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or fix
is the most appropriate for use in the intended network before it is
deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco service
contract, and customers who purchase through third-party vendors but are
unsuccessful in obtaining fixed software through their point of sale
should acquire upgrades by contacting the Cisco Technical Assistance
Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to a
free upgrade. Free upgrades for non-contract customers must be requested
through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerability described in this advisory.
The privilege escalation and information leakage vulnerabilities were
reported to Cisco by the National Australia Bank's Security Assurance
team. Cisco PSIRT appreciates the opportunity to work with researchers
on security vulnerabilities and welcomes the opportunity to review and
assist in product reports.
The default credentials vulnerability was found during internal testing.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY
ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits
the distribution URL in the following section is an uncontrolled copy,
and may lack important information or contain factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml
In addition to worldwide web posting, a text version of this notice is
clear-signed with the Cisco PSIRT PGP key and is posted to the following
e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on mailing
lists or newsgroups. Users concerned about this problem are encouraged
to check the above URL for any updates.
Revision History
================
+------------------------------------------------------------+
| Revision 1.0 | 2010-March-03 | Initial public release. |
+------------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities
in Cisco products, obtaining assistance with security
incidents, and registering to receive security information
from Cisco, is available on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html.
This includes instructions for press inquiries regarding
Cisco security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt.
+--------------------------------------------------------------------
Copyright 2008-2010 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
Updated: Mar 03, 2010 Document ID: 111578
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkuOjE4ACgkQ86n/Gc8U/uCFpwCfcp7+AY14yxLSckn7zVMC5OVi
OGoAn3hXETajNW66WM77qj8bhQ3p5Fm9
=xmBv
-----END PGP SIGNATURE-----
.
Successful exploitation of vulnerabilities #1 and #2 requires
authentication.
3) A security issue exists due to default credentials in the
underlying Tomcat application, which can be exploited to gain
administrative access to the application.
The vulnerability is reported in versions prior to 5.2
SOLUTION:
Update to version 5.2.
ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor
| VAR-201003-0251 | CVE-2010-0587 | Cisco Unified Communications Manager Service disruption in (DoS) Vulnerabilities |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985. Cisco Unified Communications Manager is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause an interruption in voice services, denying service to legitimate users.
This issue is tracked by Cisco Bug ID CSCtc38985. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20100303-cucm
Revision 1.0
For Public Release 2010 March 3 1600 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Cisco Unified Communications Manager (formerly Cisco CallManager)
contains multiple denial of service (DoS) vulnerabilities that if
exploited could cause an interruption of voice services. The Session
Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and
Computer Telephony Integration (CTI) Manager services are affected by
these vulnerabilities.
There is a workaround for of one the vulnerabilities. No other Cisco products are currently known to be
affected by these vulnerabilities.
Details
=======
Cisco Unified Communications Manager is the call processing component
of the Cisco IP Telephony solution that extends enterprise telephony
features and functions to packet telephony network devices, such as
IP phones, media processing devices, VoIP gateways, and multimedia
applications. All SCCP ports (TCP ports 2000 and 2443) are affected.
Malformed SIP Message Vulnerabilities
+------------------------------------
Cisco Unified Communications Manager contains two DoS vulnerabilities
that involve the processing of SIP messages. All SIP ports (TCP ports 5060 and 5061, UDP ports 5060 and
5061) are affected. A malformed message sent to the CTI
Manager service port (TCP 2748) could cause the CTI Manager service
to fail, which could result in the interruption of CTI applications.
The CTI Manager service is disabled by default.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCtc38985 - CCM Coredump on SCCP StationCapabilitiesRes Message with MaxCap Exceeded
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc47823 - CCM Core at invalid Line# in SCCP RegAvailableLines and FwdStatReq
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc37188 - CMSIPUtility Coredump on Fuzzed Register Message
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc62362 - CCM Coredump on Overflow of Field Telephone-URL in REG Msg
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsu31800 - CTI crash with invalid packet
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerabilities that are described in
this advisory could result in the interruption of voice services.
Software Versions and Fixes
===========================
When considering software upgrades, also consult:
http://www.cisco.com/go/psirt
and any subsequent advisories to determine exposure and a
complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance. |
|----------------+----------------------|
| 6.x | 6.1(5) |
|----------------+----------------------|
| 7.x | 7.1(3b)SU2 |
|----------------+----------------------|
| | Cisco Unified |
| | Communications |
| | Manager version 8.0 |
| | (1) was distributed |
| 8.x | with software fixes |
| | for all the |
| | vulnerabilities that |
| | are described in |
| | this advisory. |
+---------------------------------------+
Cisco Unified Communications Manager software version 4.3(2)SR2 can
be downloaded at the following link:
http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified+Communications+Manager+Updates&mdfid=280771554&treeName=Voice+and+Unified+Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco+Unified+Communications+Manager+Version+4.3&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Cisco Unified Communications Manager software version 6.1(5) can be
downloaded at the following link:
http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=&isPlatform=Y&mdfid=281023410&sftType=Unified+Communications+Manager+Updates&treeName=Voice+and+Unified+Communications&modelName=Cisco+Unified+Communications+Manager+Version+6.1&mdfLevel=Software%20Version/Option&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Cisco Unified Communications Manager software version 7.1(3b)SU2 can
be downloaded at the following link:
http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified+Communications+Manager+Updates&mdfid=282421166&treeName=Voice+and+Unified+Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco+Unified+Communications+Manager+Version+7.1&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Workarounds
===========
Administrators can mitigate the SCCP- and SIP-related vulnerabilities
by implementing filtering on screening devices to permit access to
TCP ports 2000 and 2443, and TCP and UDP ports 5060 and 5061 only
from networks that require SCCP and SIP access to Cisco Unified
Communications Manager appliances.
It is possible to mitigate the CTI Manager vulnerability by disabling
the CTI Manager service t is not necessary; however, this workaround
will interrupt applications that reply on the CTI Manager service.
Administrators can also mitigate the vulnerability by implementing
filtering on screening devices to permit access to TCP port 2748 only
from networks that require access to the CTI Manager service. Please
consult the following documentation for details on disabling Cisco
Unified Communications Manager services:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/service/6_0_1/admin/sasrvact.html#wp1048390
Additional mitigation techniques that can be deployed on Cisco
devices within the network are available in the Cisco Applied
Mitigation Bulletin companion document for this advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20100303-cucm.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at:
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at:
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory. Cisco would like to thank Sipera
VIPER Lab team for reporting this vulnerability to us and for working
with us on a coordinated disclosure.
All other vulnerabilities described in this advisory were discovered
as a result of internal testing conducted by Cisco.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+---------------------------------------+
| Revision | | Initial |
| 1.0 | 2010-March-03 | public |
| | | release |
+---------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco security
notices. All Cisco security advisories are available at:
http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----
iD8DBQFLjfPv86n/Gc8U/uARAg+/AJ9olaRLtbZpQgpUAlbntFXazT9xFQCfR3js
JuXvX7dKZb3f9AwRnZJ0B4E=
=WqCm
-----END PGP SIGNATURE-----
| VAR-201003-0252 | CVE-2010-0588 | Cisco Unified Communications Manager Service disruption in (DoS) Vulnerabilities |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP (1) RegAvailableLines or (2) FwdStatReq message with an invalid Line number, aka Bug ID CSCtc47823. Cisco Unified Communications Manager is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause an interruption in voice services, denying service to legitimate users.
This issue is tracked by Cisco Bug ID CSCtc47823. The Session
Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and
Computer Telephony Integration (CTI) Manager services are affected by
these vulnerabilities.
There is a workaround for of one the vulnerabilities. No other Cisco products are currently known to be
affected by these vulnerabilities.
Details
=======
Cisco Unified Communications Manager is the call processing component
of the Cisco IP Telephony solution that extends enterprise telephony
features and functions to packet telephony network devices, such as
IP phones, media processing devices, VoIP gateways, and multimedia
applications. All SCCP ports (TCP ports 2000 and 2443) are affected.
Malformed SIP Message Vulnerabilities
+------------------------------------
Cisco Unified Communications Manager contains two DoS vulnerabilities
that involve the processing of SIP messages. All SIP ports (TCP ports 5060 and 5061, UDP ports 5060 and
5061) are affected. A malformed message sent to the CTI
Manager service port (TCP 2748) could cause the CTI Manager service
to fail, which could result in the interruption of CTI applications.
The CTI Manager service is disabled by default.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCtc38985 - CCM Coredump on SCCP StationCapabilitiesRes Message with MaxCap Exceeded
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc47823 - CCM Core at invalid Line# in SCCP RegAvailableLines and FwdStatReq
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc37188 - CMSIPUtility Coredump on Fuzzed Register Message
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc62362 - CCM Coredump on Overflow of Field Telephone-URL in REG Msg
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsu31800 - CTI crash with invalid packet
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerabilities that are described in
this advisory could result in the interruption of voice services.
Software Versions and Fixes
===========================
When considering software upgrades, also consult:
http://www.cisco.com/go/psirt
and any subsequent advisories to determine exposure and a
complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance. |
|----------------+----------------------|
| 6.x | 6.1(5) |
|----------------+----------------------|
| 7.x | 7.1(3b)SU2 |
|----------------+----------------------|
| | Cisco Unified |
| | Communications |
| | Manager version 8.0 |
| | (1) was distributed |
| 8.x | with software fixes |
| | for all the |
| | vulnerabilities that |
| | are described in |
| | this advisory. |
+---------------------------------------+
Cisco Unified Communications Manager software version 4.3(2)SR2 can
be downloaded at the following link:
http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified+Communications+Manager+Updates&mdfid=280771554&treeName=Voice+and+Unified+Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco+Unified+Communications+Manager+Version+4.3&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Cisco Unified Communications Manager software version 6.1(5) can be
downloaded at the following link:
http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=&isPlatform=Y&mdfid=281023410&sftType=Unified+Communications+Manager+Updates&treeName=Voice+and+Unified+Communications&modelName=Cisco+Unified+Communications+Manager+Version+6.1&mdfLevel=Software%20Version/Option&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Cisco Unified Communications Manager software version 7.1(3b)SU2 can
be downloaded at the following link:
http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified+Communications+Manager+Updates&mdfid=282421166&treeName=Voice+and+Unified+Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco+Unified+Communications+Manager+Version+7.1&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Workarounds
===========
Administrators can mitigate the SCCP- and SIP-related vulnerabilities
by implementing filtering on screening devices to permit access to
TCP ports 2000 and 2443, and TCP and UDP ports 5060 and 5061 only
from networks that require SCCP and SIP access to Cisco Unified
Communications Manager appliances.
It is possible to mitigate the CTI Manager vulnerability by disabling
the CTI Manager service t is not necessary; however, this workaround
will interrupt applications that reply on the CTI Manager service.
Administrators can also mitigate the vulnerability by implementing
filtering on screening devices to permit access to TCP port 2748 only
from networks that require access to the CTI Manager service. Please
consult the following documentation for details on disabling Cisco
Unified Communications Manager services:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/service/6_0_1/admin/sasrvact.html#wp1048390
Additional mitigation techniques that can be deployed on Cisco
devices within the network are available in the Cisco Applied
Mitigation Bulletin companion document for this advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20100303-cucm.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at:
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at:
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory. Cisco would like to thank Sipera
VIPER Lab team for reporting this vulnerability to us and for working
with us on a coordinated disclosure.
All other vulnerabilities described in this advisory were discovered
as a result of internal testing conducted by Cisco.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+---------------------------------------+
| Revision | | Initial |
| 1.0 | 2010-March-03 | public |
| | | release |
+---------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco security
notices. All Cisco security advisories are available at:
http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----
iD8DBQFLjfPv86n/Gc8U/uARAg+/AJ9olaRLtbZpQgpUAlbntFXazT9xFQCfR3js
JuXvX7dKZb3f9AwRnZJ0B4E=
=WqCm
-----END PGP SIGNATURE-----
| VAR-201003-0253 | CVE-2010-0590 | Cisco Unified Communications Manager of CMSIPUtility Service disruption in components (DoS) Vulnerabilities |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register message, aka Bug ID CSCtc37188. Cisco Unified Communications Manager is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause an interruption in voice services, denying service to legitimate users.
This issue is tracked by Cisco Bug ID CSCtc37188. The Session
Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and
Computer Telephony Integration (CTI) Manager services are affected by
these vulnerabilities.
There is a workaround for of one the vulnerabilities. No other Cisco products are currently known to be
affected by these vulnerabilities.
Details
=======
Cisco Unified Communications Manager is the call processing component
of the Cisco IP Telephony solution that extends enterprise telephony
features and functions to packet telephony network devices, such as
IP phones, media processing devices, VoIP gateways, and multimedia
applications. Each vulnerability is
triggered by a malformed SCCP message that could cause a critical
process to fail, which could result in the disruption of voice
services. All SCCP ports (TCP ports 2000 and 2443) are affected. All SIP ports (TCP ports 5060 and 5061, UDP ports 5060 and
5061) are affected. A malformed message sent to the CTI
Manager service port (TCP 2748) could cause the CTI Manager service
to fail, which could result in the interruption of CTI applications.
The CTI Manager service is disabled by default.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCtc38985 - CCM Coredump on SCCP StationCapabilitiesRes Message with MaxCap Exceeded
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc47823 - CCM Core at invalid Line# in SCCP RegAvailableLines and FwdStatReq
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc37188 - CMSIPUtility Coredump on Fuzzed Register Message
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc62362 - CCM Coredump on Overflow of Field Telephone-URL in REG Msg
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsu31800 - CTI crash with invalid packet
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerabilities that are described in
this advisory could result in the interruption of voice services.
Software Versions and Fixes
===========================
When considering software upgrades, also consult:
http://www.cisco.com/go/psirt
and any subsequent advisories to determine exposure and a
complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance. |
|----------------+----------------------|
| 6.x | 6.1(5) |
|----------------+----------------------|
| 7.x | 7.1(3b)SU2 |
|----------------+----------------------|
| | Cisco Unified |
| | Communications |
| | Manager version 8.0 |
| | (1) was distributed |
| 8.x | with software fixes |
| | for all the |
| | vulnerabilities that |
| | are described in |
| | this advisory. |
+---------------------------------------+
Cisco Unified Communications Manager software version 4.3(2)SR2 can
be downloaded at the following link:
http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified+Communications+Manager+Updates&mdfid=280771554&treeName=Voice+and+Unified+Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco+Unified+Communications+Manager+Version+4.3&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Cisco Unified Communications Manager software version 6.1(5) can be
downloaded at the following link:
http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=&isPlatform=Y&mdfid=281023410&sftType=Unified+Communications+Manager+Updates&treeName=Voice+and+Unified+Communications&modelName=Cisco+Unified+Communications+Manager+Version+6.1&mdfLevel=Software%20Version/Option&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Cisco Unified Communications Manager software version 7.1(3b)SU2 can
be downloaded at the following link:
http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified+Communications+Manager+Updates&mdfid=282421166&treeName=Voice+and+Unified+Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco+Unified+Communications+Manager+Version+7.1&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Workarounds
===========
Administrators can mitigate the SCCP- and SIP-related vulnerabilities
by implementing filtering on screening devices to permit access to
TCP ports 2000 and 2443, and TCP and UDP ports 5060 and 5061 only
from networks that require SCCP and SIP access to Cisco Unified
Communications Manager appliances.
It is possible to mitigate the CTI Manager vulnerability by disabling
the CTI Manager service t is not necessary; however, this workaround
will interrupt applications that reply on the CTI Manager service.
Administrators can also mitigate the vulnerability by implementing
filtering on screening devices to permit access to TCP port 2748 only
from networks that require access to the CTI Manager service. Please
consult the following documentation for details on disabling Cisco
Unified Communications Manager services:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/service/6_0_1/admin/sasrvact.html#wp1048390
Additional mitigation techniques that can be deployed on Cisco
devices within the network are available in the Cisco Applied
Mitigation Bulletin companion document for this advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20100303-cucm.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at:
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at:
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory. Cisco would like to thank Sipera
VIPER Lab team for reporting this vulnerability to us and for working
with us on a coordinated disclosure.
All other vulnerabilities described in this advisory were discovered
as a result of internal testing conducted by Cisco.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+---------------------------------------+
| Revision | | Initial |
| 1.0 | 2010-March-03 | public |
| | | release |
+---------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco security
notices. All Cisco security advisories are available at:
http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----
iD8DBQFLjfPv86n/Gc8U/uARAg+/AJ9olaRLtbZpQgpUAlbntFXazT9xFQCfR3js
JuXvX7dKZb3f9AwRnZJ0B4E=
=WqCm
-----END PGP SIGNATURE-----
| VAR-201003-0254 | CVE-2010-0591 | Cisco Unified Communications Manager Service disruption in (DoS) Vulnerabilities |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID CSCtc62362. Cisco Unified Communications Manager is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause an interruption in voice services, denying service to legitimate users.
This issue is tracked by Cisco Bug ID CSCtc62362. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20100303-cucm
Revision 1.0
For Public Release 2010 March 3 1600 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Cisco Unified Communications Manager (formerly Cisco CallManager)
contains multiple denial of service (DoS) vulnerabilities that if
exploited could cause an interruption of voice services. The Session
Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and
Computer Telephony Integration (CTI) Manager services are affected by
these vulnerabilities.
There is a workaround for of one the vulnerabilities. No other Cisco products are currently known to be
affected by these vulnerabilities.
Details
=======
Cisco Unified Communications Manager is the call processing component
of the Cisco IP Telephony solution that extends enterprise telephony
features and functions to packet telephony network devices, such as
IP phones, media processing devices, VoIP gateways, and multimedia
applications. Each vulnerability is
triggered by a malformed SCCP message that could cause a critical
process to fail, which could result in the disruption of voice
services. All SCCP ports (TCP ports 2000 and 2443) are affected.
Malformed SIP Message Vulnerabilities
+------------------------------------
Cisco Unified Communications Manager contains two DoS vulnerabilities
that involve the processing of SIP messages. All SIP ports (TCP ports 5060 and 5061, UDP ports 5060 and
5061) are affected. A malformed message sent to the CTI
Manager service port (TCP 2748) could cause the CTI Manager service
to fail, which could result in the interruption of CTI applications.
The CTI Manager service is disabled by default.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCtc38985 - CCM Coredump on SCCP StationCapabilitiesRes Message with MaxCap Exceeded
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc47823 - CCM Core at invalid Line# in SCCP RegAvailableLines and FwdStatReq
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc37188 - CMSIPUtility Coredump on Fuzzed Register Message
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc62362 - CCM Coredump on Overflow of Field Telephone-URL in REG Msg
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsu31800 - CTI crash with invalid packet
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerabilities that are described in
this advisory could result in the interruption of voice services.
Software Versions and Fixes
===========================
When considering software upgrades, also consult:
http://www.cisco.com/go/psirt
and any subsequent advisories to determine exposure and a
complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance. |
|----------------+----------------------|
| 6.x | 6.1(5) |
|----------------+----------------------|
| 7.x | 7.1(3b)SU2 |
|----------------+----------------------|
| | Cisco Unified |
| | Communications |
| | Manager version 8.0 |
| | (1) was distributed |
| 8.x | with software fixes |
| | for all the |
| | vulnerabilities that |
| | are described in |
| | this advisory. |
+---------------------------------------+
Cisco Unified Communications Manager software version 4.3(2)SR2 can
be downloaded at the following link:
http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified+Communications+Manager+Updates&mdfid=280771554&treeName=Voice+and+Unified+Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco+Unified+Communications+Manager+Version+4.3&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Cisco Unified Communications Manager software version 6.1(5) can be
downloaded at the following link:
http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=&isPlatform=Y&mdfid=281023410&sftType=Unified+Communications+Manager+Updates&treeName=Voice+and+Unified+Communications&modelName=Cisco+Unified+Communications+Manager+Version+6.1&mdfLevel=Software%20Version/Option&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Cisco Unified Communications Manager software version 7.1(3b)SU2 can
be downloaded at the following link:
http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified+Communications+Manager+Updates&mdfid=282421166&treeName=Voice+and+Unified+Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco+Unified+Communications+Manager+Version+7.1&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Workarounds
===========
Administrators can mitigate the SCCP- and SIP-related vulnerabilities
by implementing filtering on screening devices to permit access to
TCP ports 2000 and 2443, and TCP and UDP ports 5060 and 5061 only
from networks that require SCCP and SIP access to Cisco Unified
Communications Manager appliances.
It is possible to mitigate the CTI Manager vulnerability by disabling
the CTI Manager service t is not necessary; however, this workaround
will interrupt applications that reply on the CTI Manager service.
Administrators can also mitigate the vulnerability by implementing
filtering on screening devices to permit access to TCP port 2748 only
from networks that require access to the CTI Manager service. Please
consult the following documentation for details on disabling Cisco
Unified Communications Manager services:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/service/6_0_1/admin/sasrvact.html#wp1048390
Additional mitigation techniques that can be deployed on Cisco
devices within the network are available in the Cisco Applied
Mitigation Bulletin companion document for this advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20100303-cucm.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at:
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at:
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory. Cisco would like to thank Sipera
VIPER Lab team for reporting this vulnerability to us and for working
with us on a coordinated disclosure.
All other vulnerabilities described in this advisory were discovered
as a result of internal testing conducted by Cisco.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+---------------------------------------+
| Revision | | Initial |
| 1.0 | 2010-March-03 | public |
| | | release |
+---------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco security
notices. All Cisco security advisories are available at:
http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----
iD8DBQFLjfPv86n/Gc8U/uARAg+/AJ9olaRLtbZpQgpUAlbntFXazT9xFQCfR3js
JuXvX7dKZb3f9AwRnZJ0B4E=
=WqCm
-----END PGP SIGNATURE-----
| VAR-201003-0255 | CVE-2010-0592 | Cisco Unified Communications Manager of CTI Manager Service disruption in services (DoS) Vulnerabilities |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a malformed message, aka Bug ID CSCsu31800.
An attacker can exploit this issue to cause an interruption in CTI applications.
This issue is documented by Cisco Bug ID CSCsu31800. The Session
Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and
Computer Telephony Integration (CTI) Manager services are affected by
these vulnerabilities.
There is a workaround for of one the vulnerabilities. No other Cisco products are currently known to be
affected by these vulnerabilities.
Details
=======
Cisco Unified Communications Manager is the call processing component
of the Cisco IP Telephony solution that extends enterprise telephony
features and functions to packet telephony network devices, such as
IP phones, media processing devices, VoIP gateways, and multimedia
applications. Each vulnerability is
triggered by a malformed SCCP message that could cause a critical
process to fail, which could result in the disruption of voice
services. All SCCP ports (TCP ports 2000 and 2443) are affected. Each vulnerability is
triggered by a malformed SIP message that could cause a critical
process to fail, which could result in the disruption of voice
services. All SIP ports (TCP ports 5060 and 5061, UDP ports 5060 and
5061) are affected. Cisco Unified Communications Manager
4.x and 6.x versions are not affected.
The CTI Manager service is disabled by default.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCtc38985 - CCM Coredump on SCCP StationCapabilitiesRes Message with MaxCap Exceeded
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc47823 - CCM Core at invalid Line# in SCCP RegAvailableLines and FwdStatReq
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc37188 - CMSIPUtility Coredump on Fuzzed Register Message
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCtc62362 - CCM Coredump on Overflow of Field Telephone-URL in REG Msg
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsu31800 - CTI crash with invalid packet
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerabilities that are described in
this advisory could result in the interruption of voice services.
Software Versions and Fixes
===========================
When considering software upgrades, also consult:
http://www.cisco.com/go/psirt
and any subsequent advisories to determine exposure and a
complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance. |
+---------------------------------------+
Cisco Unified Communications Manager software version 4.3(2)SR2 can
be downloaded at the following link:
http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified+Communications+Manager+Updates&mdfid=280771554&treeName=Voice+and+Unified+Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco+Unified+Communications+Manager+Version+4.3&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Cisco Unified Communications Manager software version 6.1(5) can be
downloaded at the following link:
http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=&isPlatform=Y&mdfid=281023410&sftType=Unified+Communications+Manager+Updates&treeName=Voice+and+Unified+Communications&modelName=Cisco+Unified+Communications+Manager+Version+6.1&mdfLevel=Software%20Version/Option&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Cisco Unified Communications Manager software version 7.1(3b)SU2 can
be downloaded at the following link:
http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified+Communications+Manager+Updates&mdfid=282421166&treeName=Voice+and+Unified+Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco+Unified+Communications+Manager+Version+7.1&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=&hybrid=Y&imst=N
Workarounds
===========
Administrators can mitigate the SCCP- and SIP-related vulnerabilities
by implementing filtering on screening devices to permit access to
TCP ports 2000 and 2443, and TCP and UDP ports 5060 and 5061 only
from networks that require SCCP and SIP access to Cisco Unified
Communications Manager appliances.
It is possible to mitigate the CTI Manager vulnerability by disabling
the CTI Manager service t is not necessary; however, this workaround
will interrupt applications that reply on the CTI Manager service.
Administrators can also mitigate the vulnerability by implementing
filtering on screening devices to permit access to TCP port 2748 only
from networks that require access to the CTI Manager service. Please
consult the following documentation for details on disabling Cisco
Unified Communications Manager services:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/service/6_0_1/admin/sasrvact.html#wp1048390
Additional mitigation techniques that can be deployed on Cisco
devices within the network are available in the Cisco Applied
Mitigation Bulletin companion document for this advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20100303-cucm.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at:
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at:
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory. Cisco would like to thank Sipera
VIPER Lab team for reporting this vulnerability to us and for working
with us on a coordinated disclosure.
All other vulnerabilities described in this advisory were discovered
as a result of internal testing conducted by Cisco.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+---------------------------------------+
| Revision | | Initial |
| 1.0 | 2010-March-03 | public |
| | | release |
+---------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
This includes instructions for press inquiries regarding Cisco security
notices. All Cisco security advisories are available at:
http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----
iD8DBQFLjfPv86n/Gc8U/uARAg+/AJ9olaRLtbZpQgpUAlbntFXazT9xFQCfR3js
JuXvX7dKZb3f9AwRnZJ0B4E=
=WqCm
-----END PGP SIGNATURE-----
| VAR-201003-0520 | No CVE | Cisco Unified Communications Manager CTI Manager Denial of Service Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
Cisco Unified Communications Manager is a call processing component in the Cisco IP Telephony solution. A denial of service attack vulnerability exists in the Cisco Unified Communications Manager CTI Manager service. An attacker sending a malformed message to the CTI Management Service port (TCP 2748) can cause the CTI Management Service to crash. The CTI application is interrupted. The CTI Management Service is disabled by default.
| VAR-201003-0531 | No CVE | uCosminexus Portal Framework Cross-Site Scripting Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: Medium |
uCosminexus Portal Framework has a cross-site scripting vulnerability.A remote attacker could make users of affected systems unknowingly execute malicious scripts.
| VAR-201003-1114 | CVE-2010-0393 | CUPS of _cupsGetlang Elevation of privilege vulnerability in functions |
CVSS V2: 6.9 CVSS V3: - Severity: MEDIUM |
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers. CUPS (Common UNIX Printing System) is prone to a local security-weakness when loading localized message strings from arbitrary files.
Exploiting this issue in conjunction with a local format-string issue may allow attackers to execute arbitrary code with superuser privileges, completely compromising affected computers. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. The lppasswd component of CUPS does not safely use the LOCALEDIR environment variable, which may lead to format string attacks.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:073-1
http://www.mandriva.com/security/
_______________________________________________________________________
Package : cups
Date : April 14, 2010
Affected: 2010.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been found and corrected in cups:
CUPS in does not properly handle (1) HTTP headers and (2) HTML
templates, which allows remote attackers to conduct cross-site
scripting (XSS) attacks and HTTP response splitting attacks via vectors
related to (a) the product's web interface, (b) the configuration of
the print system, and (c) the titles of printed jobs (CVE-2009-2820).
Use-after-free vulnerability in the abstract file-descriptor handling
interface in the cupsdDoSelect function in scheduler/select.c in the
scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers
to cause a denial of service (daemon crash or hang) via a client
disconnection during listing of a large number of print jobs, related
to improperly maintaining a reference count. NOTE: some of these
details are obtained from third party information (CVE-2009-3553).
Use-after-free vulnerability in the abstract file-descriptor handling
interface in the cupsdDoSelect function in scheduler/select.c in the
scheduler in cupsd in CUPS 1.3.7, 1.3.9, 1.3.10, and 1.4.1, when kqueue
or epoll is used, allows remote attackers to cause a denial of service
(daemon crash or hang) via a client disconnection during listing
of a large number of print jobs, related to improperly maintaining
a reference count. NOTE: some of these details are obtained from
third party information. NOTE: this vulnerability exists because of
an incomplete fix for CVE-2009-3553 (CVE-2010-0302).
The updated packages have been patched to correct these issues.
Update:
Packages for Mandriva Linux 2010.0 was missing with
MDVSA-2010:073. This advisory provides packages for 2010.0 as well.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0302
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.0:
ba3d43f654fd15aea9f81eadb57c3022 2010.0/i586/cups-1.4.1-12.1mdv2010.0.i586.rpm
b1f275796b029190380e40ae23ae8ed0 2010.0/i586/cups-common-1.4.1-12.1mdv2010.0.i586.rpm
296b30522aa7c008767c6b285aa4b715 2010.0/i586/cups-serial-1.4.1-12.1mdv2010.0.i586.rpm
b3abb3c2299c1cb32848c0ee5954eed8 2010.0/i586/libcups2-1.4.1-12.1mdv2010.0.i586.rpm
d91c255a1e42e5988f1d8d2d94ffd369 2010.0/i586/libcups2-devel-1.4.1-12.1mdv2010.0.i586.rpm
ba336d918bbe9d03cf4fa823293bfb37 2010.0/i586/php-cups-1.4.1-12.1mdv2010.0.i586.rpm
c3aee001d1629963053f475a49b7cd5d 2010.0/SRPMS/cups-1.4.1-12.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64:
7c089025f467e5b366e57a15e85857ce 2010.0/x86_64/cups-1.4.1-12.1mdv2010.0.x86_64.rpm
0e0e4ad3a4d42022d22a88ee8568f8bf 2010.0/x86_64/cups-common-1.4.1-12.1mdv2010.0.x86_64.rpm
cb7b4cadce5a174bbd4027f478b38c26 2010.0/x86_64/cups-serial-1.4.1-12.1mdv2010.0.x86_64.rpm
653bd25375281b919c6438e71052359d 2010.0/x86_64/lib64cups2-1.4.1-12.1mdv2010.0.x86_64.rpm
7bebd27fa6ce2aa5667d28fd7b06702e 2010.0/x86_64/lib64cups2-devel-1.4.1-12.1mdv2010.0.x86_64.rpm
34452fc88d7a16591eb653a32c6daa28 2010.0/x86_64/php-cups-1.4.1-12.1mdv2010.0.x86_64.rpm
c3aee001d1629963053f475a49b7cd5d 2010.0/SRPMS/cups-1.4.1-12.1mdv2010.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLxclfmqjQ0CJFipgRAmhmAJ4qtZ7GxqbmNOSfJeozcsqRCBvAsACg2vG+
NRt/ytxq5LWHwOAGFnOKnIw=
=ayqT
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Use WSUS to deploy 3rd party patches
Public BETA
http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/
----------------------------------------------------------------------
TITLE:
CUPS "lppasswd" Privilege Escalation Vulnerability
SECUNIA ADVISORY ID:
SA38789
VERIFY ADVISORY:
http://secunia.com/advisories/38789/
DESCRIPTION:
A vulnerability has been discovered in CUPS, which can be exploited
by malicious, local users to gain escalated privileges.
The vulnerability is caused due to the "lppasswd" utility (which may
be installed suid root) not properly verifying certain environment
variables (e.g. "LOCALEDIR") before using them. This can be exploited
to e.g. execute arbitrary code by tricking the utility into using a
specially crafted localisation file containing malicious format
strings.
The vulnerability is confirmed in version 1.3.11. Other versions may
also be affected.
Note: The manual page for "lppasswd" in version 1.3.11 recommends
administrators to change or disable the ownership of the file for
security reasons. CUPS 1.4.0, 1.4.1, and 1.4.2 do not install the
"lppasswd" utility as suid root by default.
SOLUTION:
Restrict access to trusted users only. Remove the suid-bit from the
"lppasswd" utility.
PROVIDED AND/OR DISCOVERED BY:
Ubuntu credits Ronald Volgers.
CHANGELOG:
2010-03-04: Increased "criticality".
ORIGINAL ADVISORY:
CUPS:
http://www.cups.org/str.php?L3482
Red Hat bug #558460:
https://bugzilla.redhat.com/show_bug.cgi?id=558460
USN-906-1:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-March/001054.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. This works as the lppasswd
binary happens to be installed with setuid 0 permissions.
For the stable distribution (lenny), this problem has been fixed in
version 1.3.8-1+lenny8.
For the testing distribution (squeeze) this problem will be fixed soon.
For the unstable distribution (sid) this problem has been fixed in
version 1.4.2-9.1.
We recommend that you upgrade your cups packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8.dsc
Size/MD5 checksum: 1837 a511bb4de5c768a4862a55d227a4ff70
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8.diff.gz
Size/MD5 checksum: 189649 82c747daa3ed7bb71e10094a50a0cabd
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8.orig.tar.gz
Size/MD5 checksum: 4796827 10efe9825c1a1dcd325be47a6cc21faf
Architecture independent packages:
http://security.debian.org/pool/updates/main/c/cups/cups-common_1.3.8-1+lenny8_all.deb
Size/MD5 checksum: 1181030 11167383d8fa0f8518cb550e4946c109
http://security.debian.org/pool/updates/main/c/cups/cupsys-common_1.3.8-1+lenny8_all.deb
Size/MD5 checksum: 52398 15e639e1ac4d44042e5e5245d0670cb9
http://security.debian.org/pool/updates/main/c/cups/cupsys-bsd_1.3.8-1+lenny8_all.deb
Size/MD5 checksum: 52398 796f92741e989eac9ba214ede18630d8
http://security.debian.org/pool/updates/main/c/cups/libcupsys2-dev_1.3.8-1+lenny8_all.deb
Size/MD5 checksum: 52406 2bce3838eaf23010ab40842e6cd15b64
http://security.debian.org/pool/updates/main/c/cups/cupsys-dbg_1.3.8-1+lenny8_all.deb
Size/MD5 checksum: 52398 57ee5c01a3a6b88e9dd73a5fae4052e6
http://security.debian.org/pool/updates/main/c/cups/libcupsys2_1.3.8-1+lenny8_all.deb
Size/MD5 checksum: 52398 a57e7e5775ef54f3b173aa78cb56925c
http://security.debian.org/pool/updates/main/c/cups/cupsys-client_1.3.8-1+lenny8_all.deb
Size/MD5 checksum: 52402 e558bca7e419849e9985fab5b253d541
http://security.debian.org/pool/updates/main/c/cups/cupsys_1.3.8-1+lenny8_all.deb
Size/MD5 checksum: 52382 6fb5db2ff939a66c82805069e2673122
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_alpha.deb
Size/MD5 checksum: 445498 e4c86a6a0e2956a543432ea47d2b4e4d
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_alpha.deb
Size/MD5 checksum: 119902 54fbde6934338f62546a3a9d63366e24
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_alpha.deb
Size/MD5 checksum: 108236 b5585a98bb2ba4395aa8b995663eb449
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_alpha.deb
Size/MD5 checksum: 39296 ba38fb23064f0265b08e634c5553680c
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_alpha.deb
Size/MD5 checksum: 81528 586baf5c22624b387b17522f9336a62f
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_alpha.deb
Size/MD5 checksum: 178786 855af4932cc8c4d8fa79615cfb9268d7
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_alpha.deb
Size/MD5 checksum: 1149260 0655f89a290365b71040ad2ab6d5708e
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_alpha.deb
Size/MD5 checksum: 2103240 eb83ee8de10a7bd58918742bd92afb26
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_amd64.deb
Size/MD5 checksum: 2072340 d50623c5ddf4a13d88ad72c77b423b7f
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_amd64.deb
Size/MD5 checksum: 99958 c80b2253f2bd929eea5fa3e4d630007b
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_amd64.deb
Size/MD5 checksum: 1195800 c8fe761855122b595442161dc215685f
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_amd64.deb
Size/MD5 checksum: 61016 bd0dbe1b2ea8cd4f4608684c8d175aeb
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_amd64.deb
Size/MD5 checksum: 169070 a8cc5fcba2086f06cb475b363dae39d1
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_amd64.deb
Size/MD5 checksum: 401586 d0c2f361b90a7d43a29c1267e41ac013
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_amd64.deb
Size/MD5 checksum: 116782 535933bcbdf17abc8d11d66d6059f398
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_amd64.deb
Size/MD5 checksum: 37256 c48a07f0d0dd59aec4bc88238fe51ea6
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_arm.deb
Size/MD5 checksum: 1125054 47b869c7af5c841936301dc713aa3bb3
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_arm.deb
Size/MD5 checksum: 2061240 f8f6aec89d4122cd7c0c5f1c80185490
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_arm.deb
Size/MD5 checksum: 113164 862335112c4cec83b6f774a39e3fc2b9
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_arm.deb
Size/MD5 checksum: 155534 3aa347eb9e30df946b834ac016f8d283
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_arm.deb
Size/MD5 checksum: 55352 0b8cd0cfc9373f4ab4be9a068868818d
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_arm.deb
Size/MD5 checksum: 36474 9925987df33366768ee7ccfa4566e1d4
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_arm.deb
Size/MD5 checksum: 97414 d43e5b18042c48ebc6d2a1d4e6c12f2c
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_arm.deb
Size/MD5 checksum: 387712 33ece2737438d084d26ac6fc5cd760b9
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_armel.deb
Size/MD5 checksum: 157028 3e4149d7b7e7e845bc4d3730404190f3
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_armel.deb
Size/MD5 checksum: 119310 100d72c77beb954a87986af1ecd647c7
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_armel.deb
Size/MD5 checksum: 54732 1190d22789b9309f1e78860510301ab3
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_armel.deb
Size/MD5 checksum: 2077838 4a8ff6e73ea9bf9e94ff5825c1174779
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_armel.deb
Size/MD5 checksum: 387602 45a8362c0dc84b4a4c8fdd2e33f80bbc
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_armel.deb
Size/MD5 checksum: 98558 c8b588b3ab696cb2e88baf2f5d94741f
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_armel.deb
Size/MD5 checksum: 38772 8aacdda63b2ee8cb8a63421931942814
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_armel.deb
Size/MD5 checksum: 1129310 149f6fec84d67a60b62477c37e39d042
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_hppa.deb
Size/MD5 checksum: 406772 d1d53dd5d0f75b59024ad7956564f29f
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_hppa.deb
Size/MD5 checksum: 39988 5a975486c7cb9f472ee0d45ffd9b3683
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_hppa.deb
Size/MD5 checksum: 172874 4186b6262c3e279a9cc8b77d029e4c1e
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_hppa.deb
Size/MD5 checksum: 63140 9039a2811fb6d3945034e4cbf7ffe599
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_hppa.deb
Size/MD5 checksum: 1142920 bc221c80a35f48369d4ecf5db639ab96
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_hppa.deb
Size/MD5 checksum: 2120838 18e3dc2e1e7b4f0446422395c19ffa58
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_hppa.deb
Size/MD5 checksum: 121720 fa37b7429bf9485808067fd67b05da59
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_hppa.deb
Size/MD5 checksum: 103158 59ff4ef65704e82c04629a8744c0f8bc
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_i386.deb
Size/MD5 checksum: 1097596 fd5c74be5bc03649abba8ebbf77d6451
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_i386.deb
Size/MD5 checksum: 38010 5d2bd65adba678c033e7ca5a29a9d955
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_i386.deb
Size/MD5 checksum: 165576 71ce31f39a6e1e720af95d4e82a88d8b
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_i386.deb
Size/MD5 checksum: 60424 0e4cea9daca41e520dbce560b4832d48
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_i386.deb
Size/MD5 checksum: 99486 87819be26173976d930461a6577070a5
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_i386.deb
Size/MD5 checksum: 394172 e63cbc2f88f30d3f1b66d1b55c1d169c
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_i386.deb
Size/MD5 checksum: 2052542 9454ca978cc4a28481c11a5cdbd33438
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_i386.deb
Size/MD5 checksum: 115942 1f751d318fb9fef7c91b0a9c0c409f9e
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_ia64.deb
Size/MD5 checksum: 139102 78b2ab586f3187909d930abd87c3ec84
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_ia64.deb
Size/MD5 checksum: 86012 99a615920328daa054cfe62052a93cb7
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_ia64.deb
Size/MD5 checksum: 209294 b01ae496c3cb881f4decc3a4ece08122
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_ia64.deb
Size/MD5 checksum: 2283850 175a894311f8cff9fe650c3baa0b6d46
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_ia64.deb
Size/MD5 checksum: 447802 38383f1f2be111677a79ebfcd247d61d
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_ia64.deb
Size/MD5 checksum: 123628 11e9d5f4b78ff50d121d14fdbe6a782b
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_ia64.deb
Size/MD5 checksum: 1151580 af7b35bcac465ca8cbabb63651cc2cb2
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_ia64.deb
Size/MD5 checksum: 41284 57e9177cef831639476cc289d8067834
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_mipsel.deb
Size/MD5 checksum: 65220 f432b20c68866e83e696aaafeca0ea32
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_mipsel.deb
Size/MD5 checksum: 1158992 129547967aab4dc3a95e89b497828069
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_mipsel.deb
Size/MD5 checksum: 99032 f563929513a294d97793f5aba3f0cf15
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_mipsel.deb
Size/MD5 checksum: 110006 7df897c72bb496c1660022be4eb53b4c
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_mipsel.deb
Size/MD5 checksum: 403444 5835503a1026ba846954976d3e52cebc
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_mipsel.deb
Size/MD5 checksum: 36158 ebdbbdc958b51e851600d688738c8089
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_mipsel.deb
Size/MD5 checksum: 2030710 6aed4a117ee98cfd751204c957ba7c1d
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_mipsel.deb
Size/MD5 checksum: 158496 987c55cca3677a14b836597dbb1f0327
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_powerpc.deb
Size/MD5 checksum: 105640 ae6a5f63f589ad5bae2d7ecd4be269e1
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_powerpc.deb
Size/MD5 checksum: 61094 9d02e8bef845830b2b1e0e920eb0ada0
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_powerpc.deb
Size/MD5 checksum: 135688 6ec7ee1ad2eb2f543d2eff4dea847a41
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_powerpc.deb
Size/MD5 checksum: 43906 8e2a1126f6e4cca776ca13cf7e49625b
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_powerpc.deb
Size/MD5 checksum: 174512 52a39e14eda691e3563c3278fcfa25ff
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_powerpc.deb
Size/MD5 checksum: 395666 9eca6ef2e6429b4ac2226847c8122758
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_powerpc.deb
Size/MD5 checksum: 2137268 b6cacb0e0051f563ac0a027d3dac8ce0
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_powerpc.deb
Size/MD5 checksum: 1196662 875cce4fd93adff28ef3f696696ac363
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_s390.deb
Size/MD5 checksum: 118590 3cf70157d2a0f74c419c945a9ec65785
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_s390.deb
Size/MD5 checksum: 60714 d1a71e6365fb95c20bb9d720b3a5ab32
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_s390.deb
Size/MD5 checksum: 101722 71e9684bab935487bc3ff48c69de5ba7
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_s390.deb
Size/MD5 checksum: 37818 bf29d032e9a00e33b62fafda191ceceb
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_s390.deb
Size/MD5 checksum: 2093186 3588fb878456ae05781d5467d5a245b3
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_s390.deb
Size/MD5 checksum: 399922 d481af6ea365c4ad436493ce8adb92d7
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_s390.deb
Size/MD5 checksum: 1190826 185c58c1bc4b622fca84715f749eb9bd
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_s390.deb
Size/MD5 checksum: 171864 7731f029fa9c052a7ccbefd457a36ede
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/cups/libcups2-dev_1.3.8-1+lenny8_sparc.deb
Size/MD5 checksum: 395004 782356afcc6dc3f4f9c96cd498a2baf3
http://security.debian.org/pool/updates/main/c/cups/cups_1.3.8-1+lenny8_sparc.deb
Size/MD5 checksum: 2071128 d75e27ad18dc7e655aab7be4e6d4be19
http://security.debian.org/pool/updates/main/c/cups/cups-dbg_1.3.8-1+lenny8_sparc.deb
Size/MD5 checksum: 1057940 2b5f7135c895f38353916b4e7bcaec83
http://security.debian.org/pool/updates/main/c/cups/cups-client_1.3.8-1+lenny8_sparc.deb
Size/MD5 checksum: 116708 2f59a6913340ba69f12bc7d36b354584
http://security.debian.org/pool/updates/main/c/cups/libcups2_1.3.8-1+lenny8_sparc.deb
Size/MD5 checksum: 161096 ee6815c329c6c619fcbb9fbb45048895
http://security.debian.org/pool/updates/main/c/cups/cups-bsd_1.3.8-1+lenny8_sparc.deb
Size/MD5 checksum: 38870 016788da55547b0ea7cb51870249fb35
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2_1.3.8-1+lenny8_sparc.deb
Size/MD5 checksum: 97330 1f6d5116c20a0cb54a41c3bb34a3cc92
http://security.debian.org/pool/updates/main/c/cups/libcupsimage2-dev_1.3.8-1+lenny8_sparc.deb
Size/MD5 checksum: 57662 1080e4dbc4db2d41e67e15061246bb42
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkuO3scACgkQHYflSXNkfP9xngCgr1BLG5dUngbgdET9DXmvo/zA
cX0AoLLmmJ9/MliGiKRCRv2UKj4WiM3k
=awyu
-----END PGP SIGNATURE-----
. ===========================================================
Ubuntu Security Notice USN-906-1 March 03, 2010
cups, cupsys vulnerabilities
CVE-2009-3553, CVE-2010-0302, CVE-2010-0393
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
cupsys 1.2.2-0ubuntu0.6.06.17
cupsys-client 1.2.2-0ubuntu0.6.06.17
Ubuntu 8.04 LTS:
cupsys 1.3.7-1ubuntu3.8
cupsys-client 1.3.7-1ubuntu3.8
Ubuntu 8.10:
cups 1.3.9-2ubuntu9.5
cups-client 1.3.9-2ubuntu9.5
Ubuntu 9.04:
cups 1.3.9-17ubuntu3.6
cups-client 1.3.9-17ubuntu3.6
Ubuntu 9.10:
cups 1.4.1-5ubuntu2.4
cups-client 1.4.1-5ubuntu2.4
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
It was discovered that the CUPS scheduler did not properly handle certain
network operations. A local attacker could exploit this with a format-string
vulnerability leading to a root privilege escalation. The default compiler
options for Ubuntu 8.10, 9.04 and 9.10 should reduce this vulnerability to
a denial of service. (CVE-2010-0393)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17.diff.gz
Size/MD5: 106482 26e1af0359723f0fe887019ea8973a7e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17.dsc
Size/MD5: 1061 400968d3ecf83db01f0a427f10f2998e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz
Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.17_all.deb
Size/MD5: 998 776cbf76de0fa4da83fa66cac2a2ee9c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 36220 1a0b165edf4aaff4b063ef5ffb44aec3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 81834 6fc3613d660d8193ef5bc8820a7241d9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 2289018 87d64d2f3a97289ad6b6db57d090ca2d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 6090 85aeada029ad3c01ff7f1e18f9ea9cc2
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 77908 96e28918fdf830eb12336aadedf9f281
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 25740 85b73ffa3c93b1cca0f9421fdaa01cc3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 130734 938995599b4be32a725528c80981fa78
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 34766 47d4bdcf450f6d8d30206c35192f1b7d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 77930 e830a9300772160fb0a6748da948f246
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 2256104 bcfa53bda3ed0c1e50636e804af11055
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 6094 34a470a2aaff3e3ab10eea29a1bd8200
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 77022 ab3b5c283d4ec643297685c034f1073c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 25748 d5904841e833850731621090c1b88c8c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 122908 eb39cde640458c67403c00cfd65ea312
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 40474 a47c9a5aad3feee3c9218d32e3f03f85
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 89482 81e3f9ad6e8fe3cb3096b133bfb4fb5b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 2303712 fffb516669489cf38ce5f410b58112af
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 6092 8c6d3af926e6729378b1ba23508e3c6b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 79548 169e4c3351cf2ef0c99e478d8e2a3a46
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 25740 f0d21ba1ea537495d3953a22999d1dd4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 128662 98b0c1483cc7021fff335da8d79c67c2
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 35388 1128a347e119ca9525784ed50da5d0ab
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 78684 596751675fee6063e59dab02e7b44543
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 2289934 9bd77e6533b77678840172bcf285c157
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 6096 a11d49069913645b3a947d2dfa6f5f84
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 76832 c1049c92d30205b8032648dfbd90299c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 25744 d2d1088e3744d305b6c90aca7eda4be0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 124486 60a22b1cccb08eaab9847b9e87c59032
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8.diff.gz
Size/MD5: 141577 5cb2a7055c83f2535e6704212c06ea0c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8.dsc
Size/MD5: 1442 d42e1f9c2424210f66acfaeb4ecf293a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz
Size/MD5: 4700333 383e556d9841475847da6076c88da467
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.8_all.deb
Size/MD5: 1144392 72c2295be929ac91622921b866586810
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 37522 606cf4d3db841e5c7699af8e6063d28a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 90020 5494f76c3c0aff50e61b0e7065d4fc45
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 1882420 fbf517a3c599b99d5ea8936c09f4a6d6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 60800 2b3dd2ab96e425ab134602608f0d3530
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 50216 27fb4f492cc7bf62c01a275741d37011
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 345048 0525be5bc4dd045cd78a1b284f98398a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 178536 a044522e561b9b3be73617a175cc399d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 36956 0507d5e834e622f33412109dcb260037
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 88530 244e700f4596074b37c4b7acb984dacc
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 1864902 b6f438dea33b89a9f268d732d670faf1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 60090 e83c89c8fe55e2f2e79d424e4231f8a1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 49862 97abed0edb9dfbd42e8ba975c424e6d8
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 339414 1e4250fd6c379296cfba76f67ab97465
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 175410 efdf295f468c419fd957e69f98fd715a
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 36660 58ce4787d4d5b43fdc762f21f06bb6bf
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 88834 ea87ff5e386e37ddcd2a3678e85764e5
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 1867016 ba1534fcc9263b70868c4ed449529e25
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 60492 e06a5a3660f9967ec6e0040a486d7362
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 50808 ca0c034e3beff76b902c6471afbd7268
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 337072 bfaa21b082ce3052922a179d522213d4
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 174440 8e2dd41e1e07942ee0f53e05c608206a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 46932 a5d83468e8e0269a483c914230768ea3
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 110654 ec3d80099ccbaeb3f0929644f45bbd75
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 1951280 f475ae7f5ae8ad00bc1ebd7c4634c3ae
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 59922 cb7e8e802dfbe515260578f585ee4427
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 54924 234a155df73c7ef047ac3c5c8b2e132a
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 341760 1ada03ee442854916b34f267b1301407
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 184292 e080a077141436e9837682cf5c6e56e1
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 38038 15aef403a65149edb1b6e3c87bbcf1e3
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 91026 a4ade2e1d03f94b36122a5788f37cc97
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 1899806 de0f0a1899697c7add1960031257c51e
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 57822 c2af4acac6a11e98f72703a25b2ebdfc
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 48224 cf486639b2c6b6247afe109eb73e30d7
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 341494 8c21fd99687d9fd49fa97e6c4638338e
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 174130 9c878b37d2afd35ee0b50c077490112e
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5.diff.gz
Size/MD5: 331097 6adf07d4858d39e6047a97c0a312901e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5.dsc
Size/MD5: 2044 d77dce1f6e35cabbd18e84a7c7031b0d
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz
Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 1163190 5c0dee3c7fd7541494ff7dc348be8728
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58560 74c932189d98c843872876adc83c989e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58568 0666bac83bfb1edcc37931ad25588204
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58562 f524010f0aea453b001b084250bb7063
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58552 a55ec8b8772c680a7413afb1b069ee3e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58574 420d72079939829054f9bb7978375ecd
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 4536 660fc4e6b26c050504a674aec5e0b8cd
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58560 919055c4a196d7cfa5e93a3e73de24f9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 37296 0640e7fff6aa2dbbc93a839f641e1da0
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 119772 fc950280a6a56b99486a29868c65bf9a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 1688940 84c0da9c505411cd3cbee063687215fa
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 2174144 1bff27592c202999f0fd2705eeb8282e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 352308 bcdc4e90a86a22e503cf20e492f57e0f
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 173636 d477c60212f8098b6e92c2b5ec0b7ee2
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 61320 35baa0391a49f0490f49a97d5c8d57d4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 52322 d0caa49b4da1ea3ce447d2fa161d7394
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 36226 1374ff5d461c4aafe2b57822f45c11c6
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 115316 0a8d0a452e3cd7d37eb72a9b4bacd8c8
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 1549000 468b48af21f437e2942d4b447d18d9ef
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 2141316 d117bac8e26451e37827a62749d39b4d
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 346096 26576542e0a94b17da8ddd971fbffa90
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 170556 7739c110695754553926fad31463187f
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 60538 5c5832067d06795cbab9e65a885ba240
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 51720 e7d90e5e4eac150dfd205ac17b686cc8
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 36028 5bfdf3e87b3764eb20c0093fb1de1d3e
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 114504 a4f3e28e6eb86599111687a0f7235c45
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 1577892 6c0014be2e9e878679480239a494e917
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 2138164 0a4c78f2bda571599ecffc75dade8006
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 343092 df67f3a082314f41e14cdf97c35c4668
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 168874 dcdab1a3f91f1f2a91a20d01873545ba
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 60626 27c5b3fec56fcb1d7215fd35dfa31ec1
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 52394 5644013cd3dec455b6b6d88b4306d67d
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 43566 986c0bd78d2fc4fb5ae76598b24b1a41
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 138118 cc8ece0b9d10792ead1b7902924a6a81
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 1669132 eefc44a29391bb799adc54b6cb412cf3
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 2266096 b798bac78d4f645b90683b3a7901ff4d
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 348056 e9100409aabe02a51ea9fd6c315ab5b6
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 177934 9d812213782055304cc92b4b3ca69894
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 61266 7287aa743d0135c2d16bf29acf9cf915
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 57452 b132aaccd9bcf40dc9ae38783f69c6a6
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 37220 5399de66103270899259960bb9d61345
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 117550 80acdf6867e804b3aa00055737534b57
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 1496764 e434ccdce381acf459b8d387881057d9
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 2202892 bbe3b1587f55b0bd868ce5e6fd4a38e9
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 344914 8a6824c84362ffbf4f9846a65045354a
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 166792 2be506fc868b369e46cf9f9d5fe83e69
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 57854 aef2dd0a14d3a8f01142d78e40ddcb67
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 49804 8d12ec1a43df8c8c40f88082139d2785
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6.diff.gz
Size/MD5: 335789 4f5f61340c4875048c60d69f82dec645
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6.dsc
Size/MD5: 1995 e338a99e7a2e02a57415885e285f3bb1
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz
Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 1165632 9b0854975cf994bd9233d6469e777e01
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60870 0e74155e761a4d852866bfdac0fb18fb
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60876 ad4e2582235225612d6c14e65dbcba3d
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60868 636f7492dabc042d1bc7e11864b38df1
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60872 47806c56c4700090e125496e23d8529c
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 4516 0e4d49c326db4af8add9edd88b561ad9
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60856 09bb0b47cf251fde476503402b0d0518
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60866 02b07214f91997c6b4f5d017aff0655e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 37294 f14e9d6deb8a90dc55ba033dd6932f29
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 119756 b6d1f12fdca56879c84d177280535945
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 1664430 e0829de2955259a1169ca120f0a0a674
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 2170170 47904ff162f68734105645d802262448
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 352252 cff0030f199a0c96accc192e4168339c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 177900 da8f57dc1c56c823d459c12b98e64d2a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 61264 5deccf4e07529b9e4676a83a556cebde
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 52226 306d5a5075974aa902c7e10066420efa
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 36230 5d95974ec58afa8d26b10d7b9c46a66b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 115278 9011610cdad6d618456f508e3fe02107
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 1523946 660619a4cbb8df04bd81354ab6059f6c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 2136486 7f7dea27d4901a02daf9497bd242e2d9
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 346068 67c31d2afa56164900bb916480386b79
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 174416 c84631d45fd35facbf136270470844d4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 60498 31d407917c749a659835e23c99eef0bb
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 51542 5026ab999fb97ac800bd185af3a8cff1
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 36022 952070683ed6130fbc8e5531e2142063
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 114500 977d5c00dc13327bc0c9bce453473388
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 1552094 4fecfb548b223615fc7ce88f8fb94264
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 2134028 8dad89838f050c4a375c01ab4b3b2559
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 343052 0139347ae444d4d9f0b9b1420ebfc04f
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 172714 406bb68cba379412650849ea003eb537
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 60668 0a2993f0ac79fc4a91648991be1b0976
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 52342 a501ebcafdf48300f5326632ce1b08b6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 43574 ae6a41699272fc0b360ba6555fd4e7ef
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 138086 95d5d1551240a86de61f4472f8433d01
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 1640174 24942cd5b3e82cb8f700880ace4cb40b
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 2257684 78ff8dc9f337c46ade897f22092939af
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 347984 9663f15cddd48aaa7d389ce1244aebc1
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 183308 1d188a3ea31eaba68b620b8fece8fcd8
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 61306 56306bfa507550c07d02b820380e19c3
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 57406 be85c41fd62fcaf3a28107a1614146d4
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 37218 adeb034eaeadb51fd3723f382cab7b7c
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 117506 7a8039312accd4ce6be1596403616744
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 1468404 c3f80af2a2fc00c590562ea19e6fe9f2
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 2203876 b75a1f2918317d00cc1540014c42e8d0
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 344838 5976a1b94be50118b6ddcdc4b40de073
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 170236 262941bf660cc95765b72cf5aa13e14d
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 57860 36426cde9ee4e2e2dc813ba4d0e98f19
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 49702 590f4b45bf412b2f59d9ad4ea395754c
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4.diff.gz
Size/MD5: 414730 d1a0c764ccf1fedd4c3427c45d19a9ca
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4.dsc
Size/MD5: 2273 4a8ceed09060814e0cf5070412e06aae
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1.orig.tar.gz
Size/MD5: 5287327 4dc8f431ef50752dfd61d9d4959abd06
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 1419910 5ccad7198ba64c4d2e487109d38baf6c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 69572 33961e905c819b2d67c641fa0226596f
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 69534 04b34f17b2f23a24254d74d266121b10
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 69562 f624d2fcb8549771cd920148ba2ace45
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 69574 e0b8e717d5bd0740c7af047debb050f7
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 4548 45c04ec4b5ef40e7b5a05b97cfff0821
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 69554 10ac2f07563d4eb693e27195b7778935
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 36708 60bcfe9509bf6c460a24b32f3dc22f3a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 120258 31f336e66b77fdb68624eee6c3f6aa86
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 89636 f2300503230b0418b939bbf0acbddd50
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 1909456 70052df26d278ec8fbcb89e92801f59c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 210406 50cf5e47fc69aa59dafcc51fd1ba7aca
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 218936 7f04aa35b965955b0c12566d18dd27bc
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 101856 80b6e20deaa9ec8006b6233daea025c4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 31586 cac166753bfc5dad29293f69669402fe
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 90190 bdf93f96a315ba2313eb0bc86a24fa2b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 22192 be5b0eba29c355d76aa86db66b328b8c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 61528 bcfe65ac2cd9cfab070635f5ede4482b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 53160 a3cff812c204698c97027c47a2a8032d
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 81196 7fdf8a14125aed96ba11cfad2df8450b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 15492 406aa3da43f5949e6d062bf117a8656c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 143032 c29bf3ee9e457b0096ada17948d85afb
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 60098 1cd00de7321f747b33a82c06bec69625
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 34526 8a2d07f4f318a7fb578aef25a1fa106b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 35470 59752d8fe6b0ab6b4be4bc9553dd67fe
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 115326 24a5ebd4c6b0c9932ec34481bdfc27fd
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 88804 71f3cbd750cb6283dc29cdea5e7b8dd3
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 1867476 93037d1769ff83d77a6da5ed93e82058
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 199428 dc33c5038d26a0b76f1b694598c004a0
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 213030 031bc59c14807b8d6c7347c2a3ba2e8c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 101048 e751022124d2496ac051280b70e75d88
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 31376 133412f956a2808d74ae62bc73ca6c48
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 90402 4c375adba3718768e98346d10ecfc2ed
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 22060 6969c7f346d155095980d127763e205a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 60314 6d620c4a4380d7e65c2dcf147c7df896
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 52412 6641e47022e889de1525eaf5c5305eca
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 81106 7e3b8f7ddec3a8a5b8377b0234270268
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 15206 fd9858648c9df78fae4a974955c0e475
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 141568 1db2ce91ffedfa1bbde68b2756cfe389
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 61438 1299d9de795e485872507e21e42b20e5
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 32824 a7d8171d0f2888bb97f59387b5953db2
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 35442 dd26d3e196a3bc1880331dc3821cdbab
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 115178 76977be3cbcb0d5f4a22ada4071188e4
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 88774 6516931d5dce31c51b80f107a6c78f29
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 1865004 e482b421a57cc75b18d979de2e82fb7a
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 196772 061c86b147f9fdb980e7d40d8e84dabd
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 211440 13a330ef0e77a7f20f0e803140148905
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 100448 17f556fffdb82e83559268361e0eb53f
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 31206 27d0d62e0c989545ed7455f832eb2b25
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 89820 86176d7a6557617ff30aa83bcc875196
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 21778 e04668e8936e1d32e7e33414e570fcee
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 59950 9569de467d24173a0c35b838fea647fc
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 52576 582213e9cde03104f3c1795d06984197
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 81056 c1a6cca183116319ed1a095806cf1c8c
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 15304 21d41f59b097afbd27a12f7c9e877b32
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 141898 15553deba7c1e9c98136330e97b59119
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 62662 ecc362e334c91a0530c356b17e6a2641
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 33264 325a9170ecf6cd1dc9f955be9bbc1d24
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 37006 3acbe062b83fdc269964eef5675a89c5
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 121650 74995951c11f700b551f6c8ce2badb23
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 89384 8f0ce2467cda194e493e87369aab765d
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 1930866 ef1a8fd29f47f928b81c785730ce89d9
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 203588 decd7de1cafe69b61d713988fe55af37
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 223504 f60c1ea0858fd39961852c870c7fce49
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 101020 c0ad517da1a8bc09ccf97903a3ded8c9
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 33348 2424426af873cd4207b8226ebb8490c5
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 89594 9e6125fb851403ef7e80f09840eaa89a
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 22324 a4b8cbb7319e42721479d3092ef23f16
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 60618 01ffa1358e2fb0c5dd307cd8d135c14f
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 55376 fa276276aa683c19b9fc10bf65372347
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 81558 c9060c3ec4eca6ae2ce532f44298e556
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 15790 c857b043bf0bb4ff3dfc0db38de89f99
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 141118 92099a9250e369378fe8287e556b21a7
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 64954 b7da8579507c4db05cc78df34d289f76
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 34790 964c7ecb9faa3a0b1a115a2a06a66e75
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 36068 7ab9b44191ad5078c5f63a521744ca23
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 117816 2be453254c5f80dc1c353acc62a3c443
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 89232 09f73b5d95d3248b5ecc0393036ddbff
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 1954238 7f4762af124ba5e650569b6fa2fbb5c7
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 201516 730d6a0e1428a7165e01a565cc810d8a
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 210594 4f16bfe7a76a1c9cb137401290c4f5c1
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 102698 fe023955fc4e93236d2ff46b685bc32b
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 31560 4be671eb7500d06a1f949df0d92086e7
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 89804 3e5dbcf536bc2be0435561b4997c796e
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 21380 fce9fff2a5bc990ae97cd67569805789
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 58150 e5a43b39220105101c69480fa63075f5
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 50290 1cf2e270243b8f0a6cc56405a8c5bd94
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 80330 fd1073834591fd282edc82e516d7e533
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 14380 e00615f5e33b445f214fd1205b1948cb
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 144322 85692c2dcfd49bb0c0e0aad28ccb670c
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 61450 c809cd1adf184af7e35e60fa9c9c55e3
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 33858 2bddab9378a2a4e3938ce6ed39dc807e
.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-print/cups < 1.4.8-r1 >= 1.4.8-r1
Description
===========
Multiple vulnerabilities have been discovered in CUPS. Please review
the CVE identifiers referenced below for details.
Impact
======
A remote attacker may be able to execute arbitrary code using specially
crafted streams, IPP requests or files, or cause a Denial of Service
(daemon crash or hang). A local attacker may be able to gain escalated
privileges or overwrite arbitrary files. Furthermore, a remote attacker
may be able to obtain sensitive information from the CUPS process or
hijack a CUPS administrator authentication request.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All CUPS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-print/cups-1.4.8-r1"
NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since September 03, 2011. It is likely that your system is
already no longer affected by this issue.
References
==========
[ 1 ] CVE-2009-3553
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3553
[ 2 ] CVE-2010-0302
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0302
[ 3 ] CVE-2010-0393
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0393
[ 4 ] CVE-2010-0540
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0540
[ 5 ] CVE-2010-0542
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0542
[ 6 ] CVE-2010-1748
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1748
[ 7 ] CVE-2010-2431
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2431
[ 8 ] CVE-2010-2432
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2432
[ 9 ] CVE-2010-2941
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2941
[ 10 ] CVE-2011-3170
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201207-10.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201003-1075 | CVE-2010-0302 | CUPS of cupsd Service operation interruption in (DoS) Vulnerability |
CVSS V2: 4.3 CVSS V3: 7.5 Severity: HIGH |
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553. (DoS) There is a vulnerability that could result in a condition. This vulnerability is CVE-2009-3553 This vulnerability is due to an insufficient fix for .Interfering with service operation by a third party (DoS) It may be in a state. CUPS is prone to a denial-of-service vulnerability.
NOTE: This issue is due to an incomplete fix for BID 37048 (CUPS File Descriptors Handling Remote Denial Of Service Vulnerability).
A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. The way the cupsdDoSelect() function in the scheduler/select.c file of CUPS handles references in its file descriptor processing interface has a use-after-free error. A remote attacker can query the current print job list of a specific printer in a special way. Cause cupsd to crash.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:073-1
http://www.mandriva.com/security/
_______________________________________________________________________
Package : cups
Date : April 14, 2010
Affected: 2010.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been found and corrected in cups:
CUPS in does not properly handle (1) HTTP headers and (2) HTML
templates, which allows remote attackers to conduct cross-site
scripting (XSS) attacks and HTTP response splitting attacks via vectors
related to (a) the product's web interface, (b) the configuration of
the print system, and (c) the titles of printed jobs (CVE-2009-2820).
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS
1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable
to determine the file that provides localized message strings, which
allows local users to gain privileges via a file that contains crafted
localization data with format string specifiers (CVE-2010-0393).
The updated packages have been patched to correct these issues.
Update:
Packages for Mandriva Linux 2010.0 was missing with
MDVSA-2010:073. This advisory provides packages for 2010.0 as well.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0302
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.0:
ba3d43f654fd15aea9f81eadb57c3022 2010.0/i586/cups-1.4.1-12.1mdv2010.0.i586.rpm
b1f275796b029190380e40ae23ae8ed0 2010.0/i586/cups-common-1.4.1-12.1mdv2010.0.i586.rpm
296b30522aa7c008767c6b285aa4b715 2010.0/i586/cups-serial-1.4.1-12.1mdv2010.0.i586.rpm
b3abb3c2299c1cb32848c0ee5954eed8 2010.0/i586/libcups2-1.4.1-12.1mdv2010.0.i586.rpm
d91c255a1e42e5988f1d8d2d94ffd369 2010.0/i586/libcups2-devel-1.4.1-12.1mdv2010.0.i586.rpm
ba336d918bbe9d03cf4fa823293bfb37 2010.0/i586/php-cups-1.4.1-12.1mdv2010.0.i586.rpm
c3aee001d1629963053f475a49b7cd5d 2010.0/SRPMS/cups-1.4.1-12.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64:
7c089025f467e5b366e57a15e85857ce 2010.0/x86_64/cups-1.4.1-12.1mdv2010.0.x86_64.rpm
0e0e4ad3a4d42022d22a88ee8568f8bf 2010.0/x86_64/cups-common-1.4.1-12.1mdv2010.0.x86_64.rpm
cb7b4cadce5a174bbd4027f478b38c26 2010.0/x86_64/cups-serial-1.4.1-12.1mdv2010.0.x86_64.rpm
653bd25375281b919c6438e71052359d 2010.0/x86_64/lib64cups2-1.4.1-12.1mdv2010.0.x86_64.rpm
7bebd27fa6ce2aa5667d28fd7b06702e 2010.0/x86_64/lib64cups2-devel-1.4.1-12.1mdv2010.0.x86_64.rpm
34452fc88d7a16591eb653a32c6daa28 2010.0/x86_64/php-cups-1.4.1-12.1mdv2010.0.x86_64.rpm
c3aee001d1629963053f475a49b7cd5d 2010.0/SRPMS/cups-1.4.1-12.1mdv2010.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLxclfmqjQ0CJFipgRAmhmAJ4qtZ7GxqbmNOSfJeozcsqRCBvAsACg2vG+
NRt/ytxq5LWHwOAGFnOKnIw=
=ayqT
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Use WSUS to deploy 3rd party patches
Public BETA
http://secunia.com/vulnerability_scanning/corporate/wsus_3rd_third_party_patching/
----------------------------------------------------------------------
TITLE:
Red Hat update for cups
SECUNIA ADVISORY ID:
SA38785
VERIFY ADVISORY:
http://secunia.com/advisories/38785/
DESCRIPTION:
Red Hat has issued an update for cups.
For more information:
SA37364
SOLUTION:
Updated packages are available via Red Hat Network.
CHANGELOG:
2010-03-04: Added CVE reference.
ORIGINAL ADVISORY:
RHSA-2010:0129-1:
https://rhn.redhat.com/errata/RHSA-2010-0129.html
OTHER REFERENCES:
SA37364:
http://secunia.com/advisories/37364/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ===========================================================
Ubuntu Security Notice USN-906-1 March 03, 2010
cups, cupsys vulnerabilities
CVE-2009-3553, CVE-2010-0302, CVE-2010-0393
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
cupsys 1.2.2-0ubuntu0.6.06.17
cupsys-client 1.2.2-0ubuntu0.6.06.17
Ubuntu 8.04 LTS:
cupsys 1.3.7-1ubuntu3.8
cupsys-client 1.3.7-1ubuntu3.8
Ubuntu 8.10:
cups 1.3.9-2ubuntu9.5
cups-client 1.3.9-2ubuntu9.5
Ubuntu 9.04:
cups 1.3.9-17ubuntu3.6
cups-client 1.3.9-17ubuntu3.6
Ubuntu 9.10:
cups 1.4.1-5ubuntu2.4
cups-client 1.4.1-5ubuntu2.4
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
It was discovered that the CUPS scheduler did not properly handle certain
network operations. A local attacker could exploit this with a format-string
vulnerability leading to a root privilege escalation. The default compiler
options for Ubuntu 8.10, 9.04 and 9.10 should reduce this vulnerability to
a denial of service. (CVE-2010-0393)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17.diff.gz
Size/MD5: 106482 26e1af0359723f0fe887019ea8973a7e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17.dsc
Size/MD5: 1061 400968d3ecf83db01f0a427f10f2998e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz
Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.17_all.deb
Size/MD5: 998 776cbf76de0fa4da83fa66cac2a2ee9c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 36220 1a0b165edf4aaff4b063ef5ffb44aec3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 81834 6fc3613d660d8193ef5bc8820a7241d9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 2289018 87d64d2f3a97289ad6b6db57d090ca2d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 6090 85aeada029ad3c01ff7f1e18f9ea9cc2
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 77908 96e28918fdf830eb12336aadedf9f281
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 25740 85b73ffa3c93b1cca0f9421fdaa01cc3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_amd64.deb
Size/MD5: 130734 938995599b4be32a725528c80981fa78
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 34766 47d4bdcf450f6d8d30206c35192f1b7d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 77930 e830a9300772160fb0a6748da948f246
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 2256104 bcfa53bda3ed0c1e50636e804af11055
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 6094 34a470a2aaff3e3ab10eea29a1bd8200
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 77022 ab3b5c283d4ec643297685c034f1073c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 25748 d5904841e833850731621090c1b88c8c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_i386.deb
Size/MD5: 122908 eb39cde640458c67403c00cfd65ea312
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 40474 a47c9a5aad3feee3c9218d32e3f03f85
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 89482 81e3f9ad6e8fe3cb3096b133bfb4fb5b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 2303712 fffb516669489cf38ce5f410b58112af
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 6092 8c6d3af926e6729378b1ba23508e3c6b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 79548 169e4c3351cf2ef0c99e478d8e2a3a46
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 25740 f0d21ba1ea537495d3953a22999d1dd4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_powerpc.deb
Size/MD5: 128662 98b0c1483cc7021fff335da8d79c67c2
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 35388 1128a347e119ca9525784ed50da5d0ab
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 78684 596751675fee6063e59dab02e7b44543
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 2289934 9bd77e6533b77678840172bcf285c157
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 6096 a11d49069913645b3a947d2dfa6f5f84
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 76832 c1049c92d30205b8032648dfbd90299c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 25744 d2d1088e3744d305b6c90aca7eda4be0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_sparc.deb
Size/MD5: 124486 60a22b1cccb08eaab9847b9e87c59032
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8.diff.gz
Size/MD5: 141577 5cb2a7055c83f2535e6704212c06ea0c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8.dsc
Size/MD5: 1442 d42e1f9c2424210f66acfaeb4ecf293a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz
Size/MD5: 4700333 383e556d9841475847da6076c88da467
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.8_all.deb
Size/MD5: 1144392 72c2295be929ac91622921b866586810
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 37522 606cf4d3db841e5c7699af8e6063d28a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 90020 5494f76c3c0aff50e61b0e7065d4fc45
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 1882420 fbf517a3c599b99d5ea8936c09f4a6d6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 60800 2b3dd2ab96e425ab134602608f0d3530
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 50216 27fb4f492cc7bf62c01a275741d37011
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 345048 0525be5bc4dd045cd78a1b284f98398a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_amd64.deb
Size/MD5: 178536 a044522e561b9b3be73617a175cc399d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 36956 0507d5e834e622f33412109dcb260037
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 88530 244e700f4596074b37c4b7acb984dacc
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 1864902 b6f438dea33b89a9f268d732d670faf1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 60090 e83c89c8fe55e2f2e79d424e4231f8a1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 49862 97abed0edb9dfbd42e8ba975c424e6d8
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 339414 1e4250fd6c379296cfba76f67ab97465
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_i386.deb
Size/MD5: 175410 efdf295f468c419fd957e69f98fd715a
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 36660 58ce4787d4d5b43fdc762f21f06bb6bf
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 88834 ea87ff5e386e37ddcd2a3678e85764e5
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 1867016 ba1534fcc9263b70868c4ed449529e25
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 60492 e06a5a3660f9967ec6e0040a486d7362
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 50808 ca0c034e3beff76b902c6471afbd7268
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 337072 bfaa21b082ce3052922a179d522213d4
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_lpia.deb
Size/MD5: 174440 8e2dd41e1e07942ee0f53e05c608206a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 46932 a5d83468e8e0269a483c914230768ea3
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 110654 ec3d80099ccbaeb3f0929644f45bbd75
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 1951280 f475ae7f5ae8ad00bc1ebd7c4634c3ae
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 59922 cb7e8e802dfbe515260578f585ee4427
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 54924 234a155df73c7ef047ac3c5c8b2e132a
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 341760 1ada03ee442854916b34f267b1301407
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_powerpc.deb
Size/MD5: 184292 e080a077141436e9837682cf5c6e56e1
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 38038 15aef403a65149edb1b6e3c87bbcf1e3
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 91026 a4ade2e1d03f94b36122a5788f37cc97
http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 1899806 de0f0a1899697c7add1960031257c51e
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 57822 c2af4acac6a11e98f72703a25b2ebdfc
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 48224 cf486639b2c6b6247afe109eb73e30d7
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 341494 8c21fd99687d9fd49fa97e6c4638338e
http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_sparc.deb
Size/MD5: 174130 9c878b37d2afd35ee0b50c077490112e
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5.diff.gz
Size/MD5: 331097 6adf07d4858d39e6047a97c0a312901e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5.dsc
Size/MD5: 2044 d77dce1f6e35cabbd18e84a7c7031b0d
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz
Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 1163190 5c0dee3c7fd7541494ff7dc348be8728
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58560 74c932189d98c843872876adc83c989e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58568 0666bac83bfb1edcc37931ad25588204
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58562 f524010f0aea453b001b084250bb7063
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58552 a55ec8b8772c680a7413afb1b069ee3e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58574 420d72079939829054f9bb7978375ecd
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 4536 660fc4e6b26c050504a674aec5e0b8cd
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu9.5_all.deb
Size/MD5: 58560 919055c4a196d7cfa5e93a3e73de24f9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 37296 0640e7fff6aa2dbbc93a839f641e1da0
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 119772 fc950280a6a56b99486a29868c65bf9a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 1688940 84c0da9c505411cd3cbee063687215fa
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 2174144 1bff27592c202999f0fd2705eeb8282e
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 352308 bcdc4e90a86a22e503cf20e492f57e0f
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 173636 d477c60212f8098b6e92c2b5ec0b7ee2
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 61320 35baa0391a49f0490f49a97d5c8d57d4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_amd64.deb
Size/MD5: 52322 d0caa49b4da1ea3ce447d2fa161d7394
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 36226 1374ff5d461c4aafe2b57822f45c11c6
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 115316 0a8d0a452e3cd7d37eb72a9b4bacd8c8
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 1549000 468b48af21f437e2942d4b447d18d9ef
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 2141316 d117bac8e26451e37827a62749d39b4d
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 346096 26576542e0a94b17da8ddd971fbffa90
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 170556 7739c110695754553926fad31463187f
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 60538 5c5832067d06795cbab9e65a885ba240
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_i386.deb
Size/MD5: 51720 e7d90e5e4eac150dfd205ac17b686cc8
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 36028 5bfdf3e87b3764eb20c0093fb1de1d3e
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 114504 a4f3e28e6eb86599111687a0f7235c45
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 1577892 6c0014be2e9e878679480239a494e917
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 2138164 0a4c78f2bda571599ecffc75dade8006
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 343092 df67f3a082314f41e14cdf97c35c4668
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 168874 dcdab1a3f91f1f2a91a20d01873545ba
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 60626 27c5b3fec56fcb1d7215fd35dfa31ec1
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_lpia.deb
Size/MD5: 52394 5644013cd3dec455b6b6d88b4306d67d
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 43566 986c0bd78d2fc4fb5ae76598b24b1a41
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 138118 cc8ece0b9d10792ead1b7902924a6a81
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 1669132 eefc44a29391bb799adc54b6cb412cf3
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 2266096 b798bac78d4f645b90683b3a7901ff4d
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 348056 e9100409aabe02a51ea9fd6c315ab5b6
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 177934 9d812213782055304cc92b4b3ca69894
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 61266 7287aa743d0135c2d16bf29acf9cf915
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_powerpc.deb
Size/MD5: 57452 b132aaccd9bcf40dc9ae38783f69c6a6
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 37220 5399de66103270899259960bb9d61345
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 117550 80acdf6867e804b3aa00055737534b57
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 1496764 e434ccdce381acf459b8d387881057d9
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 2202892 bbe3b1587f55b0bd868ce5e6fd4a38e9
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 344914 8a6824c84362ffbf4f9846a65045354a
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 166792 2be506fc868b369e46cf9f9d5fe83e69
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 57854 aef2dd0a14d3a8f01142d78e40ddcb67
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_sparc.deb
Size/MD5: 49804 8d12ec1a43df8c8c40f88082139d2785
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6.diff.gz
Size/MD5: 335789 4f5f61340c4875048c60d69f82dec645
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6.dsc
Size/MD5: 1995 e338a99e7a2e02a57415885e285f3bb1
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz
Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 1165632 9b0854975cf994bd9233d6469e777e01
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60870 0e74155e761a4d852866bfdac0fb18fb
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60876 ad4e2582235225612d6c14e65dbcba3d
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60868 636f7492dabc042d1bc7e11864b38df1
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60872 47806c56c4700090e125496e23d8529c
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 4516 0e4d49c326db4af8add9edd88b561ad9
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60856 09bb0b47cf251fde476503402b0d0518
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.6_all.deb
Size/MD5: 60866 02b07214f91997c6b4f5d017aff0655e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 37294 f14e9d6deb8a90dc55ba033dd6932f29
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 119756 b6d1f12fdca56879c84d177280535945
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 1664430 e0829de2955259a1169ca120f0a0a674
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 2170170 47904ff162f68734105645d802262448
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 352252 cff0030f199a0c96accc192e4168339c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 177900 da8f57dc1c56c823d459c12b98e64d2a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 61264 5deccf4e07529b9e4676a83a556cebde
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_amd64.deb
Size/MD5: 52226 306d5a5075974aa902c7e10066420efa
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 36230 5d95974ec58afa8d26b10d7b9c46a66b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 115278 9011610cdad6d618456f508e3fe02107
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 1523946 660619a4cbb8df04bd81354ab6059f6c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 2136486 7f7dea27d4901a02daf9497bd242e2d9
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 346068 67c31d2afa56164900bb916480386b79
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 174416 c84631d45fd35facbf136270470844d4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 60498 31d407917c749a659835e23c99eef0bb
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_i386.deb
Size/MD5: 51542 5026ab999fb97ac800bd185af3a8cff1
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 36022 952070683ed6130fbc8e5531e2142063
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 114500 977d5c00dc13327bc0c9bce453473388
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 1552094 4fecfb548b223615fc7ce88f8fb94264
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 2134028 8dad89838f050c4a375c01ab4b3b2559
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 343052 0139347ae444d4d9f0b9b1420ebfc04f
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 172714 406bb68cba379412650849ea003eb537
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 60668 0a2993f0ac79fc4a91648991be1b0976
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_lpia.deb
Size/MD5: 52342 a501ebcafdf48300f5326632ce1b08b6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 43574 ae6a41699272fc0b360ba6555fd4e7ef
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 138086 95d5d1551240a86de61f4472f8433d01
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 1640174 24942cd5b3e82cb8f700880ace4cb40b
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 2257684 78ff8dc9f337c46ade897f22092939af
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 347984 9663f15cddd48aaa7d389ce1244aebc1
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 183308 1d188a3ea31eaba68b620b8fece8fcd8
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 61306 56306bfa507550c07d02b820380e19c3
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_powerpc.deb
Size/MD5: 57406 be85c41fd62fcaf3a28107a1614146d4
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 37218 adeb034eaeadb51fd3723f382cab7b7c
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 117506 7a8039312accd4ce6be1596403616744
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 1468404 c3f80af2a2fc00c590562ea19e6fe9f2
http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 2203876 b75a1f2918317d00cc1540014c42e8d0
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 344838 5976a1b94be50118b6ddcdc4b40de073
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 170236 262941bf660cc95765b72cf5aa13e14d
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 57860 36426cde9ee4e2e2dc813ba4d0e98f19
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_sparc.deb
Size/MD5: 49702 590f4b45bf412b2f59d9ad4ea395754c
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4.diff.gz
Size/MD5: 414730 d1a0c764ccf1fedd4c3427c45d19a9ca
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4.dsc
Size/MD5: 2273 4a8ceed09060814e0cf5070412e06aae
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1.orig.tar.gz
Size/MD5: 5287327 4dc8f431ef50752dfd61d9d4959abd06
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 1419910 5ccad7198ba64c4d2e487109d38baf6c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 69572 33961e905c819b2d67c641fa0226596f
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 69534 04b34f17b2f23a24254d74d266121b10
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 69562 f624d2fcb8549771cd920148ba2ace45
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 69574 e0b8e717d5bd0740c7af047debb050f7
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 4548 45c04ec4b5ef40e7b5a05b97cfff0821
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.1-5ubuntu2.4_all.deb
Size/MD5: 69554 10ac2f07563d4eb693e27195b7778935
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 36708 60bcfe9509bf6c460a24b32f3dc22f3a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 120258 31f336e66b77fdb68624eee6c3f6aa86
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 89636 f2300503230b0418b939bbf0acbddd50
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 1909456 70052df26d278ec8fbcb89e92801f59c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 210406 50cf5e47fc69aa59dafcc51fd1ba7aca
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 218936 7f04aa35b965955b0c12566d18dd27bc
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 101856 80b6e20deaa9ec8006b6233daea025c4
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 31586 cac166753bfc5dad29293f69669402fe
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 90190 bdf93f96a315ba2313eb0bc86a24fa2b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 22192 be5b0eba29c355d76aa86db66b328b8c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 61528 bcfe65ac2cd9cfab070635f5ede4482b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 53160 a3cff812c204698c97027c47a2a8032d
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 81196 7fdf8a14125aed96ba11cfad2df8450b
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 15492 406aa3da43f5949e6d062bf117a8656c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 143032 c29bf3ee9e457b0096ada17948d85afb
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 60098 1cd00de7321f747b33a82c06bec69625
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_amd64.deb
Size/MD5: 34526 8a2d07f4f318a7fb578aef25a1fa106b
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 35470 59752d8fe6b0ab6b4be4bc9553dd67fe
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 115326 24a5ebd4c6b0c9932ec34481bdfc27fd
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 88804 71f3cbd750cb6283dc29cdea5e7b8dd3
http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 1867476 93037d1769ff83d77a6da5ed93e82058
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 199428 dc33c5038d26a0b76f1b694598c004a0
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 213030 031bc59c14807b8d6c7347c2a3ba2e8c
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 101048 e751022124d2496ac051280b70e75d88
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 31376 133412f956a2808d74ae62bc73ca6c48
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 90402 4c375adba3718768e98346d10ecfc2ed
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 22060 6969c7f346d155095980d127763e205a
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 60314 6d620c4a4380d7e65c2dcf147c7df896
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 52412 6641e47022e889de1525eaf5c5305eca
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 81106 7e3b8f7ddec3a8a5b8377b0234270268
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 15206 fd9858648c9df78fae4a974955c0e475
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 141568 1db2ce91ffedfa1bbde68b2756cfe389
http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 61438 1299d9de795e485872507e21e42b20e5
http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_i386.deb
Size/MD5: 32824 a7d8171d0f2888bb97f59387b5953db2
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 35442 dd26d3e196a3bc1880331dc3821cdbab
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 115178 76977be3cbcb0d5f4a22ada4071188e4
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 88774 6516931d5dce31c51b80f107a6c78f29
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 1865004 e482b421a57cc75b18d979de2e82fb7a
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 196772 061c86b147f9fdb980e7d40d8e84dabd
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 211440 13a330ef0e77a7f20f0e803140148905
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 100448 17f556fffdb82e83559268361e0eb53f
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 31206 27d0d62e0c989545ed7455f832eb2b25
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 89820 86176d7a6557617ff30aa83bcc875196
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 21778 e04668e8936e1d32e7e33414e570fcee
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 59950 9569de467d24173a0c35b838fea647fc
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 52576 582213e9cde03104f3c1795d06984197
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 81056 c1a6cca183116319ed1a095806cf1c8c
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 15304 21d41f59b097afbd27a12f7c9e877b32
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 141898 15553deba7c1e9c98136330e97b59119
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 62662 ecc362e334c91a0530c356b17e6a2641
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_lpia.deb
Size/MD5: 33264 325a9170ecf6cd1dc9f955be9bbc1d24
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 37006 3acbe062b83fdc269964eef5675a89c5
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 121650 74995951c11f700b551f6c8ce2badb23
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 89384 8f0ce2467cda194e493e87369aab765d
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 1930866 ef1a8fd29f47f928b81c785730ce89d9
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 203588 decd7de1cafe69b61d713988fe55af37
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 223504 f60c1ea0858fd39961852c870c7fce49
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 101020 c0ad517da1a8bc09ccf97903a3ded8c9
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 33348 2424426af873cd4207b8226ebb8490c5
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 89594 9e6125fb851403ef7e80f09840eaa89a
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 22324 a4b8cbb7319e42721479d3092ef23f16
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 60618 01ffa1358e2fb0c5dd307cd8d135c14f
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 55376 fa276276aa683c19b9fc10bf65372347
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 81558 c9060c3ec4eca6ae2ce532f44298e556
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 15790 c857b043bf0bb4ff3dfc0db38de89f99
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 141118 92099a9250e369378fe8287e556b21a7
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 64954 b7da8579507c4db05cc78df34d289f76
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_powerpc.deb
Size/MD5: 34790 964c7ecb9faa3a0b1a115a2a06a66e75
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 36068 7ab9b44191ad5078c5f63a521744ca23
http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 117816 2be453254c5f80dc1c353acc62a3c443
http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 89232 09f73b5d95d3248b5ecc0393036ddbff
http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 1954238 7f4762af124ba5e650569b6fa2fbb5c7
http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 201516 730d6a0e1428a7165e01a565cc810d8a
http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 210594 4f16bfe7a76a1c9cb137401290c4f5c1
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 102698 fe023955fc4e93236d2ff46b685bc32b
http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 31560 4be671eb7500d06a1f949df0d92086e7
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 89804 3e5dbcf536bc2be0435561b4997c796e
http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 21380 fce9fff2a5bc990ae97cd67569805789
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 58150 e5a43b39220105101c69480fa63075f5
http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 50290 1cf2e270243b8f0a6cc56405a8c5bd94
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 80330 fd1073834591fd282edc82e516d7e533
http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 14380 e00615f5e33b445f214fd1205b1948cb
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 144322 85692c2dcfd49bb0c0e0aad28ccb670c
http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 61450 c809cd1adf184af7e35e60fa9c9c55e3
http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_sparc.deb
Size/MD5: 33858 2bddab9378a2a4e3938ce6ed39dc807e
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: CUPS: Multiple vulnerabilities
Date: July 09, 2012
Bugs: #295256, #308045, #325551, #380771
ID: 201207-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in CUPS, some of which may
allow execution of arbitrary code or local privilege escalation.
Background
==========
CUPS, the Common Unix Printing System, is a full-featured print server.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-print/cups < 1.4.8-r1 >= 1.4.8-r1
Description
===========
Multiple vulnerabilities have been discovered in CUPS. Please review
the CVE identifiers referenced below for details.
Impact
======
A remote attacker may be able to execute arbitrary code using specially
crafted streams, IPP requests or files, or cause a Denial of Service
(daemon crash or hang). A local attacker may be able to gain escalated
privileges or overwrite arbitrary files. Furthermore, a remote attacker
may be able to obtain sensitive information from the CUPS process or
hijack a CUPS administrator authentication request.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All CUPS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-print/cups-1.4.8-r1"
NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since September 03, 2011. It is likely that your system is
already no longer affected by this issue.
References
==========
[ 1 ] CVE-2009-3553
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3553
[ 2 ] CVE-2010-0302
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0302
[ 3 ] CVE-2010-0393
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0393
[ 4 ] CVE-2010-0540
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0540
[ 5 ] CVE-2010-0542
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0542
[ 6 ] CVE-2010-1748
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1748
[ 7 ] CVE-2010-2431
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2431
[ 8 ] CVE-2010-2432
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2432
[ 9 ] CVE-2010-2941
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2941
[ 10 ] CVE-2011-3170
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201207-10.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201003-0346 | CVE-2010-0925 | Apple Safari Used in CFNetwork of cfnetwork.dll Service disruption in (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the SRC attribute of a (1) IMG or (2) IFRAME element. Safari is prone to a denial-of-service vulnerability. Apple Safari is a web browser software
| VAR-201004-0415 | CVE-2010-1544 |
RCA DCM425 Modem micro_httpd Remote Denial of Service Vulnerability
Related entries in the VARIoT exploits database: VAR-E-201002-0132 |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (device reboot) via a long string to TCP port 80. The RCA DCM425 is a broadband cable modem.
Successful exploits will cause the device to crash, denying service to legitimate users. Due to the nature of this issue, it may be possible to leverage this vulnerability to execute arbitrary code but this has not been confirmed.
SOLUTION:
Use the device only in trusted networks.
PROVIDED AND/OR DISCOVERED BY:
ad0nis
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------