Boletines de Vulnerabilidades

int(1031)

Boletines de Vulnerabilidades

Ejecución remota de comandos mediante el filtro foomatic-rip instalado con CUPS
Clasificación de la vulnerabilidad
Propiedad	Valor
Nivel de Confianza	Oficial
Impacto	Obtener acceso
Dificultad	Experto
Requerimientos del atacante	Acceso remoto sin cuenta a un servicio estandar
Información sobre el sistema
Propiedad	Valor
Fabricante afectado	GNU/Linux
Software afectado	CUPS (foomatic-rip)
Descripción
Se ha descubierto una vulnerabilidad en el filtro foomatic-rip que es habitualmente instalado con el servidor de impresión CUPS. La explotación de esta vulnerabilidad podría permitir a un atacante remoto, que este listado en las ACLs de impresión, ejecutar comandos arbitrarios con los privilegios de el usuario de impresión 'lp'.
Solución
Actualización de software SUSE Linux SUSE Linux 9.1 x86 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-1.1.20-108.8.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-libs-1.1.20-108.8.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-client-1.1.20-108.8.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/foomatic-filters-3.0.1-41.6.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-1.1.20-108.8.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-libs-1.1.20-108.8.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/cups-client-1.1.20-108.8.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/foomatic-filters-3.0.1-41.6.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/cups-1.1.20-108.8.src.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/foomatic-filters-3.0.1-41.6.src.rpm x86-64 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-1.1.20-108.8.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-libs-1.1.20-108.8.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-client-1.1.20-108.8.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/foomatic-filters-3.0.1-41.6.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-1.1.20-108.8.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-libs-1.1.20-108.8.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/cups-client-1.1.20-108.8.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/foomatic-filters-3.0.1-41.6.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/cups-1.1.20-108.8.src.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/foomatic-filters-3.0.1-41.6.src.rpm SUSE Linux 9.0 x86 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-1.1.19-93.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-libs-1.1.19-93.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-client-1.1.19-93.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/foomatic-filters-3.0.0-100.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-1.1.19-93.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-libs-1.1.19-93.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/cups-client-1.1.19-93.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/foomatic-filters-3.0.0-100.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/cups-1.1.19-93.src.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/foomatic-filters-3.0.0-100.src.rpm x86-64 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-1.1.19-93.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-libs-1.1.19-93.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-client-1.1.19-93.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/foomatic-filters-3.0.0-100.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-1.1.19-93.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-libs-1.1.19-93.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/cups-client-1.1.19-93.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/foomatic-filters-3.0.0-100.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/cups-1.1.19-93.src.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/foomatic-filters-3.0.0-100.src.rpm SUSE Linux 8.2 x86 ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-1.1.18-96.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-libs-1.1.18-96.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-client-1.1.18-96.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-1.1.18-96.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-libs-1.1.18-96.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-client-1.1.18-96.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/cups-1.1.18-96.src.rpm SUSE Linux 8.1 x86 ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-1.1.15-170.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-libs-1.1.15-170.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-client-1.1.15-170.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-1.1.15-170.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-libs-1.1.15-170.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-client-1.1.15-170.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/cups-1.1.15-170.src.rpm Suse (foomatic-filters) SUSE Linux 10.1 / x86 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/foomatic-filters-3.0.2-20.3.i586.rpm SUSE LINUX 10.1 / Power PC ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/foomatic-filters-3.0.2-20.3.ppc.rpm SUSE LINUX 10.1 / x86-64 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/foomatic-filters-3.0.2-20.3.x86_64.rpm SUSE LINUX 10.1 / Sources ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/foomatic-filters-3.0.2-20.3.src.rpm SUSE LINUX 10.0 / x86 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/foomatic-filters-3.0.2-4.2.i586.rpm SUSE LINUX 10.0 / Power PC ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/foomatic-filters-3.0.2-4.2.ppc.rpm SUSE LINUX 10.0 / x86-64 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/foomatic-filters-3.0.2-4.2.x86_64.rpm SUSE LINUX 10.0 / Sources ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/foomatic-filters-3.0.2-4.2.src.rpm SUSE LINUX 9.3 / x86 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/foomatic-filters-3.0.2-3.2.i586.rpm SUSE LINUX 9.3 / x86-64 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/foomatic-filters-3.0.2-3.2.x86_64.rpm SUSE LINUX 9.3 / Sources ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/foomatic-filters-3.0.2-3.2.src.rpm Mandrake Linux Mandrakelinux 9.2 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/cups-drivers-1.1-116.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/foomatic-db-3.0-1.20030908.3.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/foomatic-db-engine-3.0-1.20030908.3.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/foomatic-filters-3.0-1.20030908.3.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ghostscript-7.07-0.12.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/ghostscript-module-X-7.07-0.12.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/gimpprint-4.2.5-30.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libgimpprint1-4.2.5-30.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libgimpprint1-devel-4.2.5-30.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libijs0-0.34-56.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libijs0-devel-0.34-56.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/omni-0.7.2-32.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/printer-filters-1.0-116.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/printer-testpages-1.0-116.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/printer-utils-1.0-116.1.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/printer-drivers-1.0-116.1.92mdk.src.rpm AMD64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/cups-drivers-1.1-116.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/foomatic-db-3.0-1.20030908.3.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/foomatic-db-engine-3.0-1.20030908.3.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/foomatic-filters-3.0-1.20030908.3.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ghostscript-7.07-0.12.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/ghostscript-module-X-7.07-0.12.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/gimpprint-4.2.5-30.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64gimpprint1-4.2.5-30.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64gimpprint1-devel-4.2.5-30.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64ijs0-0.34-56.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64ijs0-devel-0.34-56.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/omni-0.7.2-32.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/printer-filters-1.0-116.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/printer-testpages-1.0-116.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/printer-utils-1.0-116.1.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/printer-drivers-1.0-116.1.92mdk.src.rpm Mandrakelinux 10.0 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/cups-drivers-1.1-138.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/foomatic-db-3.0.1-0.20040828.1.1.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ghostscript-7.07-19.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/ghostscript-module-X-7.07-19.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/gimpprint-4.2.7-2.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libgimpprint1-4.2.7-2.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libgimpprint1-devel-4.2.7-2.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libijs0-0.34-76.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libijs0-devel-0.34-76.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/printer-filters-1.0-138.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/printer-testpages-1.0-138.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/printer-utils-1.0-138.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/printer-drivers-1.0-138.2.100mdk.src.rpm AMD64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/cups-drivers-1.1-138.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/foomatic-db-3.0.1-0.20040828.1.1.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ghostscript-7.07-19.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/ghostscript-module-X-7.07-19.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/gimpprint-4.2.7-2.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64gimpprint1-4.2.7-2.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64gimpprint1-devel-4.2.7-2.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64ijs0-0.34-76.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64ijs0-devel-0.34-76.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/printer-filters-1.0-138.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/printer-testpages-1.0-138.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/printer-utils-1.0-138.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/printer-drivers-1.0-138.2.100mdk.src.rpm Sun Sun Java Desktop System (JDS) 2003 - Parche 9321 Linux http://wwws.sun.com/software/javadesktopsystem/faq.html#5q5 http://wwws.sun.com/software/javadesktopsystem/faq.html#5q7 Sun Java Desktop System (JDS) Release 2 - Parche 9321 Linux http://wwws.sun.com/software/javadesktopsystem/faq.html#5q5 http://wwws.sun.com/software/javadesktopsystem/faq.html#5q7 SCO UnixWare 7.1.4 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/erg712704.pkg
Identificadores estándar
Propiedad	Valor
CVE	CAN-2004-0801
BID
Recursos adicionales
SUSE Security Announcement: cups (SUSE-SA:2004:031) http://www.suse.de/de/security/2004_31_cups.html SUSE Security Advisory (SUSE-SA:2006:026) http://www.novell.com/linux/security/advisories/2006-05-30.html Mandrakesoft Security Advisory MDKSA-2004:094 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:094 Sun(sm) Alert Notification 57646 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57646-1 SCO Security Advisory SCOSA-2005.12 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/SCOSA-2005.12.txt

Histórico de versiones
Versión	Comentario	Fecha
1.0	Aviso emitido	2004-09-16
1.1	Aviso emitido por Sun (57646)	2004-10-08
1.2	Aviso emitido por SCO (SCOSA-2005.12)	2005-02-08
1.3	Aviso emitido por Suse (SUSE-SA:2006:026)	2006-06-02

Boletines de Vulnerabilidades

Ejecución remota de comandos mediante el filtro foomatic-rip instalado con CUPS

Clasificación de la vulnerabilidad

Información sobre el sistema

Descripción

Solución

Identificadores estándar

Recursos adicionales

Histórico de versiones