Vulnerability Bulletins


Remote command execution via the foomatic-rip filter installed with CUPS

Vulnerability classification

Property                 Value
Confidence level         Official
Impact                   Gain access
Difficulty               Expert
Required attacker level  Remote access, without an account, to a standard service

System information

Property               Value
Affected manufacturer  GNU/Linux
Affected software      CUPS (foomatic-rip)

Description

A vulnerability has been discovered in the foomatic-rip filter, which is commonly installed with the CUPS print server.

Exploiting this vulnerability could allow a remote attacker who is listed in the printing ACLs to execute arbitrary commands with the privileges of the print user 'lp'.

Solution



Software update

SUSE Linux

SUSE Linux 9.1
x86
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-1.1.20-108.8.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-libs-1.1.20-108.8.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-client-1.1.20-108.8.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/foomatic-filters-3.0.1-41.6.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-1.1.20-108.8.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-libs-1.1.20-108.8.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-client-1.1.20-108.8.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/foomatic-filters-3.0.1-41.6.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/cups-1.1.20-108.8.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/foomatic-filters-3.0.1-41.6.src.rpm
x86-64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-1.1.20-108.8.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-libs-1.1.20-108.8.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-client-1.1.20-108.8.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/foomatic-filters-3.0.1-41.6.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-1.1.20-108.8.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-libs-1.1.20-108.8.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-client-1.1.20-108.8.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/foomatic-filters-3.0.1-41.6.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/cups-1.1.20-108.8.src.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/foomatic-filters-3.0.1-41.6.src.rpm

SUSE Linux 9.0
x86
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-1.1.19-93.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-libs-1.1.19-93.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-client-1.1.19-93.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/foomatic-filters-3.0.0-100.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-1.1.19-93.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-libs-1.1.19-93.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-client-1.1.19-93.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/foomatic-filters-3.0.0-100.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/cups-1.1.19-93.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/foomatic-filters-3.0.0-100.src.rpm
x86-64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-1.1.19-93.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-libs-1.1.19-93.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-client-1.1.19-93.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/foomatic-filters-3.0.0-100.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-1.1.19-93.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-libs-1.1.19-93.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-client-1.1.19-93.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/foomatic-filters-3.0.0-100.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/cups-1.1.19-93.src.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/foomatic-filters-3.0.0-100.src.rpm

SUSE Linux 8.2
x86
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-1.1.18-96.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-libs-1.1.18-96.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-client-1.1.18-96.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-1.1.18-96.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-libs-1.1.18-96.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-client-1.1.18-96.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/cups-1.1.18-96.src.rpm

SUSE Linux 8.1
x86
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-1.1.15-170.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-libs-1.1.15-170.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-client-1.1.15-170.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-1.1.15-170.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-libs-1.1.15-170.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-client-1.1.15-170.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/cups-1.1.15-170.src.rpm

SUSE (foomatic-filters)
SUSE Linux 10.1 / x86
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/foomatic-filters-3.0.2-20.3.i586.rpm
SUSE LINUX 10.1 / Power PC
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/foomatic-filters-3.0.2-20.3.ppc.rpm
SUSE LINUX 10.1 / x86-64
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/foomatic-filters-3.0.2-20.3.x86_64.rpm
SUSE LINUX 10.1 / Sources
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/foomatic-filters-3.0.2-20.3.src.rpm
SUSE LINUX 10.0 / x86
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/foomatic-filters-3.0.2-4.2.i586.rpm
SUSE LINUX 10.0 / Power PC
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/foomatic-filters-3.0.2-4.2.ppc.rpm
SUSE LINUX 10.0 / x86-64
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/foomatic-filters-3.0.2-4.2.x86_64.rpm
SUSE LINUX 10.0 / Sources
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/foomatic-filters-3.0.2-4.2.src.rpm
SUSE LINUX 9.3 / x86
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/foomatic-filters-3.0.2-3.2.i586.rpm
SUSE LINUX 9.3 / x86-64
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/foomatic-filters-3.0.2-3.2.x86_64.rpm
SUSE LINUX 9.3 / Sources
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/foomatic-filters-3.0.2-3.2.src.rpm

Mandrake Linux

Mandrakelinux 9.2
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/cups-drivers-1.1-116.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/foomatic-db-3.0-1.20030908.3.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/foomatic-db-engine-3.0-1.20030908.3.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/foomatic-filters-3.0-1.20030908.3.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ghostscript-7.07-0.12.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ghostscript-module-X-7.07-0.12.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/gimpprint-4.2.5-30.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libgimpprint1-4.2.5-30.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libgimpprint1-devel-4.2.5-30.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libijs0-0.34-56.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libijs0-devel-0.34-56.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/omni-0.7.2-32.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/printer-filters-1.0-116.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/printer-testpages-1.0-116.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/printer-utils-1.0-116.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/printer-drivers-1.0-116.1.92mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/cups-drivers-1.1-116.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/foomatic-db-3.0-1.20030908.3.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/foomatic-db-engine-3.0-1.20030908.3.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/foomatic-filters-3.0-1.20030908.3.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ghostscript-7.07-0.12.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ghostscript-module-X-7.07-0.12.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/gimpprint-4.2.5-30.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64gimpprint1-4.2.5-30.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64gimpprint1-devel-4.2.5-30.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64ijs0-0.34-56.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64ijs0-devel-0.34-56.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/omni-0.7.2-32.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/printer-filters-1.0-116.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/printer-testpages-1.0-116.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/printer-utils-1.0-116.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/printer-drivers-1.0-116.1.92mdk.src.rpm

Mandrakelinux 10.0
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/cups-drivers-1.1-138.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/foomatic-db-3.0.1-0.20040828.1.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ghostscript-7.07-19.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ghostscript-module-X-7.07-19.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/gimpprint-4.2.7-2.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libgimpprint1-4.2.7-2.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libgimpprint1-devel-4.2.7-2.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libijs0-0.34-76.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libijs0-devel-0.34-76.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/printer-filters-1.0-138.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/printer-testpages-1.0-138.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/printer-utils-1.0-138.2.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/printer-drivers-1.0-138.2.100mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/cups-drivers-1.1-138.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/foomatic-db-3.0.1-0.20040828.1.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ghostscript-7.07-19.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ghostscript-module-X-7.07-19.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/gimpprint-4.2.7-2.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64gimpprint1-4.2.7-2.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64gimpprint1-devel-4.2.7-2.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64ijs0-0.34-76.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64ijs0-devel-0.34-76.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/printer-filters-1.0-138.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/printer-testpages-1.0-138.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/printer-utils-1.0-138.2.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/printer-drivers-1.0-138.2.100mdk.src.rpm

Sun

Sun Java Desktop System (JDS) 2003 - Patch 9321
Linux
http://wwws.sun.com/software/javadesktopsystem/faq.html#5q5
http://wwws.sun.com/software/javadesktopsystem/faq.html#5q7

Sun Java Desktop System (JDS) Release 2 - Patch 9321
Linux
http://wwws.sun.com/software/javadesktopsystem/faq.html#5q5
http://wwws.sun.com/software/javadesktopsystem/faq.html#5q7

SCO
UnixWare 7.1.4
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/erg712704.pkg

Standard resources

Property  Value
CVE       CAN-2004-0801
BID

Other resources

SUSE Security Announcement: cups (SUSE-SA:2004:031)
http://www.suse.de/de/security/2004_31_cups.html

SUSE Security Advisory (SUSE-SA:2006:026)
http://www.novell.com/linux/security/advisories/2006-05-30.html

Mandrakesoft Security Advisory MDKSA-2004:094
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:094

Sun(sm) Alert Notification 57646
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57646-1

SCO Security Advisory SCOSA-2005.12
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/SCOSA-2005.12.txt

Version history

Version  Comments                                     Date
1.0      Advisory issued                              2004-09-16
1.1      Advisory issued by Sun (57646)               2004-10-08
1.2      Advisory issued by SCO (SCOSA-2005.12)       2005-02-08
1.3      Advisory issued by SUSE (SUSE-SA:2006:026)   2006-06-02
Ministerio de Defensa
CNI
CCN
CCN-CERT