Details of VAR-200810-0138

ID

VAR-200810-0138

CVE

CVE-2008-3641

TITLE

Multiple PHP XML-RPC implementations vulnerable to code injection

Trust: 0.8

sources: CERT/CC: VU#442845

DESCRIPTION

The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Authentication is not required to exploit this vulnerability.The specific flaw exists in the Hewlett-Packard Graphics Language filter. CUPS is prone to a remote code-execution vulnerability caused by an error in the 'HP-GL/2 filter. Failed exploit attempts will likely cause a denial-of-service condition. Note that local users may also exploit this vulnerability to elevate privileges. Successful remote exploits may require printer sharing to be enabled on the vulnerable system. The issue affects versions prior to CUPS 1.3.9. NOTE: This issue was previously discussed in BID 31681 (Apple Mac OS X 2008-007 Multiple Security Vulnerabilities), but has been assigned its own record to better document the vulnerability. The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. An access checking bug in the HP Graphics Language (HPGL) filter could cause arbitrary memory to be overwritten with controlled data. =========================================================== Ubuntu Security Notice USN-656-1 October 15, 2008 cupsys vulnerabilities CVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.11 Ubuntu 7.04: cupsys 1.2.8-0ubuntu8.6 Ubuntu 7.10: cupsys 1.3.2-1ubuntu7.8 Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that the SGI image filter in CUPS did not perform proper bounds checking. If a user or automated system were tricked into opening a crafted SGI image, an attacker could cause a denial of service. (CVE-2008-3639) It was discovered that the texttops filter in CUPS did not properly validate page metrics. If a user or automated system were tricked into opening a crafted text file, an attacker could cause a denial of service. (CVE-2008-3640) It was discovered that the HP-GL filter in CUPS did not properly check for invalid pen parameters. If a user or automated system were tricked into opening a crafted HP-GL or HP-GL/2 file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10 and 8.04 LTS, attackers would be isolated by the AppArmor CUPS profile. (CVE-2008-3641) NOTE: The previous update for CUPS on Ubuntu 6.06 LTS did not have the the fix for CVE-2008-1722 applied. This update includes fixes for the problem. We apologize for the inconvenience. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz Size/MD5: 102981 403c1494b264696702f055fc5cdcc60d http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc Size/MD5: 1052 cc47231c220e8d0e1659cf83d9e08445 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb Size/MD5: 994 8b094f8389b70e0153d7bbfcd23ed912 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb Size/MD5: 36226 ddea26501964356559ee3a11124acd8b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb Size/MD5: 81902 670924b1b9a36db787e3b4cc6a7f1782 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb Size/MD5: 2286676 455fe7748b3ab167658bb5b42ef0363a http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb Size/MD5: 6086 dc0bd3799366e32503466ba4588fc4df http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb Size/MD5: 77226 31e781bf2c8f0f4140799b21b9d0484a http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb Size/MD5: 25742 6812b0831f37474b50607e4c6eb83fe5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb Size/MD5: 129960 88a0b954c9f50df6aa37824b3da7041b i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb Size/MD5: 34768 d04de29dfcca09a4dc70a385e8a0766b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb Size/MD5: 77974 efed93511d0ee579706e5cf538378dbd http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb Size/MD5: 2253974 30ac219c7cd66460df6fa2b76c147ae8 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb Size/MD5: 6090 648459c3b58ddaf1fc646c8cd476e9f8 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb Size/MD5: 76350 d044f4fa44a792c81bca198f44687a1e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb Size/MD5: 25740 4c97e6e30f95bd3c3a32c761db4f5183 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb Size/MD5: 122178 7298a6d762d2edbe6fd107656932f32a powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb Size/MD5: 40468 24cf01572a6f790296c1accba097352c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb Size/MD5: 89528 0172b346d78458df1a6cd91a371b3b67 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb Size/MD5: 2301292 f1a755a88fde554fdabbfb8081a88e52 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb Size/MD5: 6098 f3e962ddc060712ed3ba78bb5625d5e4 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb Size/MD5: 79004 de095980afadd9352e5d7e92600d75b5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb Size/MD5: 25744 21a4d908ae8de551cda885d4835d69c0 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb Size/MD5: 127932 6e50fa3fa4185c781551e5744331f20b sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb Size/MD5: 35392 ede504cfaaf1e068c68b3fa759777098 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb Size/MD5: 78712 49f458e339846bcc2eb9ffdc482de5be http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb Size/MD5: 2287588 864ab74a020db94ab2acc1283720a05c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb Size/MD5: 6092 58c6f56f79c35af1b0ca47eaeedd7ea3 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb Size/MD5: 76262 759f3df1a04440d71ae6634109045bf6 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb Size/MD5: 25740 8bbdc7b4842df909bdfb95b96fd9f884 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb Size/MD5: 123662 4c4f4a4faae61a0c3901c63fe58bbf26 Updated packages for Ubuntu 7.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz Size/MD5: 160216 80696d47933857b9665da1492f9a801b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc Size/MD5: 1143 0dbd641692767f4e2e5b7f390c412a9f http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz Size/MD5: 4293194 107affe95fcf1cd4aaed4a5c73f4b91f Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb Size/MD5: 926804 41e6c60357740e668198976afcce6bd1 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb Size/MD5: 37404 2d7cb4cb3bfeeeb5af3db756f1a0a5be http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb Size/MD5: 83230 361cd5ffca4125245798312c3a9c7eaa http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb Size/MD5: 1638902 a502a4f981385dcba50ed5b6fc8fe969 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb Size/MD5: 56598 a9f413ff725abe42af63312ea6e826e7 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb Size/MD5: 104860 7bfc0e70546baa2c98421a9dd7a373e6 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb Size/MD5: 144852 9d30fa04e2aa415fb126188aa4d32349 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb Size/MD5: 182728 0ed6d4f8c813e2c36bcaa7b7ca98ccad i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb Size/MD5: 36712 014d51e184b4435a28c1e820455fb0a1 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb Size/MD5: 80752 4d29ca2e6d3de00e3a10c55c677c8cd6 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb Size/MD5: 1621450 551c9d7c9836efe7a927a609699976ad http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb Size/MD5: 55720 b70e3b3a1c86aa782a42fcf1a40ff197 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb Size/MD5: 104592 ececfa4f50e077d5049116a47cc44965 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb Size/MD5: 139320 b5c4606316c175feac7dd9a8f78acc56 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb Size/MD5: 179030 b2bb50b90caac66408739e67ecc9fdb5 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb Size/MD5: 46766 ad2b053736a2165b39f1749b7e3409e0 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb Size/MD5: 101094 bea4c45325710b1e2d5e67dceb7853bb http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb Size/MD5: 1696124 7e3469aa52e2de4e93352e44f7623305 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb Size/MD5: 56398 47755a89a609e4401d70f6adcfcfb9a5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb Size/MD5: 110478 94a5f78770c410fce9a0c88a187fe9c4 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb Size/MD5: 141178 69f22a6730b291c9df2b0541c07223d6 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb Size/MD5: 188650 634498a8eb5ab4c75eab74e1655234b1 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb Size/MD5: 37778 cde58d9fa7d256698ef6ba128b16a799 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb Size/MD5: 83740 072c6f65496619d5808c542d3a2ebe97 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb Size/MD5: 1659626 a5b6c19a436e9737af44cbaee93d093c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb Size/MD5: 54928 5a8347021b82084600e0d08971cb41a3 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb Size/MD5: 104156 ca7b062c097aa7f92a9085615fc3e828 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb Size/MD5: 141756 299acfe9e1964d21e7ba2fc3a390ded8 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb Size/MD5: 178292 02e3059c98fb42cb83173e0b3a08d469 Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz Size/MD5: 128977 cc7a79b80d0cc2caa8f9c5aea2f9397b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc Size/MD5: 1218 4f603d11b93e600bd82009983bc88580 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz Size/MD5: 4848424 9e3e1dee4d872fdff0682041198d3d73 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb Size/MD5: 1080404 6419c157fd22fcfb2e1563ccced2fcae amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb Size/MD5: 37204 88b05a4cbb9f5714951edade3dd0609b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb Size/MD5: 89506 cb352043a1985e24614dc27ffa5ded01 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb Size/MD5: 2034890 3a2c4daded2923691da8fe3f60d93f3e http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb Size/MD5: 60020 5007c193bb8416754a9d7e7ad09c4808 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb Size/MD5: 46884 9a2fd628887a01cc2fcb49131ec8ed0f http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb Size/MD5: 152014 7a9debd353faa26803f0e8707a97697a http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb Size/MD5: 186418 13e510e27e1025732d203a933ded8ade i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb Size/MD5: 36486 05cb382029ccb2285530af9de662b686 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb Size/MD5: 86494 80b08f6080ed3c46e4fc954da05d9e6d http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb Size/MD5: 2018384 16b0a7b694a38e4616fce6415116a7e9 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb Size/MD5: 58882 8572d274d06e1a650d2d5199ea5dcf6f http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb Size/MD5: 46280 158a4aef965ef1c697c5c7aef53f9e90 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb Size/MD5: 145692 36b5af34074b13e44e2d2ae5f76fa6fc http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb Size/MD5: 183190 fe12de8de5a779538844e2aecd5ccedb lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb Size/MD5: 36570 f73b632b59630a2727e45be083730c23 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb Size/MD5: 88054 07cfc2fdf8615471278b10550f713a3e http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb Size/MD5: 2020696 d97dab5d5a099884f7bca77dd118233a http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb Size/MD5: 59624 d582e3100eaf68e9b10585ca6ce0a078 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb Size/MD5: 47662 a2e2c5cc101d720249efd108b1a724ca http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb Size/MD5: 142426 8e91390ca3bb0bd98ab7a43017e38a90 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb Size/MD5: 181382 0806d0e1be2fdb48b873ea977107b759 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb Size/MD5: 46502 1f2a7db4dd6dfc7910a9c84f28425537 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb Size/MD5: 107736 9a34baee6e8356d911d637e52fcb0747 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb Size/MD5: 2099614 b0f8237ccff1e54e070645e79e085794 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb Size/MD5: 59494 c3c1a6f415dacee7b5f0e63e0f83ca6c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb Size/MD5: 51856 91fcaca5686ce2070e654699b60514f4 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb Size/MD5: 146952 205fedd96bd614314b2e9ecb18e78f53 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb Size/MD5: 192204 0033c62b251a505fb7d80b5b8c96f6b6 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb Size/MD5: 37558 f568ceabe0e419d263b75a5c852eb10a http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb Size/MD5: 89606 d916d0d9478082000a0f698347613387 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb Size/MD5: 2061026 a1b9da985d3d0211790f170443e74ac9 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb Size/MD5: 58098 dc5d816068b451c8926dd06a25e1715b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb Size/MD5: 45572 9976f70a905893735ee445cca7ecda7f http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb Size/MD5: 148486 48954d641e131708913530887d28c064 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb Size/MD5: 182218 074755797d588b92f7030c0a9562cb67 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz Size/MD5: 133549 8146f7a668701caad4379707ccedf538 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc Size/MD5: 1433 de3ffa5e20bdbc0bd61cf543cc2d351f http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz Size/MD5: 4700333 383e556d9841475847da6076c88da467 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb Size/MD5: 1143834 7230e79bb0d6a1435f3ce0de114e1ad3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb Size/MD5: 37530 0362fc9c1260486e4d1dcccca8dc60a3 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb Size/MD5: 89982 9a1ac844025f66fb85357e1807256331 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb Size/MD5: 1880646 233fbeadff826a6b6f22347559fe8bf5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb Size/MD5: 60892 98a65443be4d97fb1de2f8580dd67e40 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb Size/MD5: 50356 89ca2e97385912ebf2ffe8a0871610d5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb Size/MD5: 344926 631f297ea0a13321c61ee211d65fceab http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb Size/MD5: 177500 8dd137567dbc9644bda3b0a799cb2f6a i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb Size/MD5: 36952 deba752b21bdf04393626cf35ebb79eb http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb Size/MD5: 88408 2e76b5856bde6afe82da9a6b03a98026 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb Size/MD5: 1862954 aaa0817cb6b67729276e799275ad3346 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb Size/MD5: 60090 b37d935af9661002730cd5cb2b3f11d3 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb Size/MD5: 49838 a1d85e18616340eed3778b5286890c08 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb Size/MD5: 339344 f3d29993795e7172667356c8d255f296 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb Size/MD5: 174354 b1d7b741729749c6a3249fbcd0babe56 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb Size/MD5: 36676 c46beddd8f227e1ee0b1c9a80d41b19a http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb Size/MD5: 88734 c8b70c2665734c45caa22ae41f60b486 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb Size/MD5: 1865262 27de39c2fbe2471f11b7756b5bc02cc3 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb Size/MD5: 60540 b54c6711e74c55777f0e509f642c42f0 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb Size/MD5: 50860 64989632d1f49f5d25209bb9a68809d5 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb Size/MD5: 337020 ca60ea21ad93aca447e1ae04e0ad818f http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb Size/MD5: 173276 6e0af5026f452171993817fbd6e6b4e7 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb Size/MD5: 46932 d8e051bd4e95f28090036d7087437127 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb Size/MD5: 110808 44e0741ccd8b9edab092b835c6831aca http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb Size/MD5: 1949134 0facca356ce9e5ffdacffde23d0713e3 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb Size/MD5: 59924 367a29bd4545906374eb27c511d33658 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb Size/MD5: 54940 d762741ddd48f75e0e54ffd0efc45645 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb Size/MD5: 341670 0958081b22a680ccf1f30abc36c06054 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb Size/MD5: 183238 e303094f36fcc1af0ac40321411bd90a sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb Size/MD5: 38028 a8ee904a732a7392314b9b4f2faf5557 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb Size/MD5: 91034 832edccd7ed2eec51759bbcce97536b1 http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb Size/MD5: 1897904 31192c6d2b5a6dca4eaf065c541795fc http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb Size/MD5: 57856 398dadf7e1ee5075e4d3e2a4766b4580 http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb Size/MD5: 48242 cc45265b41fd932d084a6bce9888e67f http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb Size/MD5: 341388 9411fb065604b882530faf47a0a85d4e http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb Size/MD5: 173184 4a5e9e3508932262eefe3b08f94019d0 . ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-067 October 9, 2008 -- CVE ID: CVE-2008-3641 -- Affected Vendors: Apple -- Affected Products: Apple OS X -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6325. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT3216 -- Disclosure Timeline: 2008-08-19 - Vulnerability reported to vendor 2008-10-09 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * regenrecht -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is being sent by 3Com for the sole use of the intended recipient(s) and may contain confidential, proprietary and/or privileged information. Any unauthorized review, use, disclosure and/or distribution by any recipient is prohibited. If you are not the intended recipient, please delete and/or destroy all copies of this message regardless of form and any included attachments and notify 3Com immediately by contacting the sender via reply e-mail or forwarding to 3Com at postmaster@3com.com. ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA15895 VERIFY ADVISORY: http://secunia.com/advisories/15895/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/ DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system. http://sourceforge.net/project/showfiles.php?group_id=66479 OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . CVE-2008-3640 It was discovered that an integer overflow in the Postscript conversion tool "texttops" may lead to the execution of arbitrary code. For the stable distribution (etch), these problems have been fixed in version 1.2.7-4etch5. For the unstable distribution (sid) and the upcoming stable distribution (lenny), these problems have been fixed in version 1.3.8-1lenny2 of the source package cups. We recommend that you upgrade your cupsys package. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz Size/MD5 checksum: 108662 eab5aa097eaf3e802b4c6f1c60da9a03 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc Size/MD5 checksum: 1084 5fc7ea9d5c6434a9f2a45e3d7652b0fe Architecture independent packages: http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb Size/MD5 checksum: 893832 0e7571a4a56cef8f099ba9300ed7330d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb Size/MD5 checksum: 46072 63a75f9fe31312a42725a786164f7762 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 39310 8dad5588b86a4e1191025015d8e0c5be http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 1092376 35c1cd14d3f26fefafbebf1a76983740 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 85906 1d07dcf128e7b78992560b2794be29d4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 183726 06377f48f1ee358c494f30f9ab213e6b http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 1614540 e87b439635e9b7f7c1fa1c6db2f7291c http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 95570 8638b199a8adb989254cbe88ab11bb7d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 175262 08dbbe7e941af9c28f39107f907c618a http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 72690 1c099120f9fdcb334d8699b6238c0883 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 142538 4f9183a690ac21a220771db117b1bcea http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 162520 f04bafe61b0e06d21b67441916a4df2a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 36356 eea9b0c14ac248313264474f4a103478 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 53022 f864e06d82bd0769e7c73d20aa6c3366 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 80708 9e8a7d08f6762753005bc2ac7ac04db7 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 86264 3784680669a08745d6c766213e3d60f3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 1576062 c5f275763d3cd0bec5e448965780ea0b http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 1088040 106654a5c5a746e5bd1043ca4309deae arm architecture (ARM) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb Size/MD5 checksum: 132042 b1da3e68e04c68712a7f2ecebbea59d3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb Size/MD5 checksum: 1026238 e776ce47912d97de7758029cddf18c41 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb Size/MD5 checksum: 155174 2203ae0043e540bb4c083c3f302294a9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb Size/MD5 checksum: 78908 a60d8486ab41fe7064d84fdf1c057ce5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb Size/MD5 checksum: 48742 9c6f61fb9c5af3f1496c249eb79542ce http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb Size/MD5 checksum: 1569620 943fdc257cdf387c1a161adff88623bd http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb Size/MD5 checksum: 85468 3e9d699071d741d86c5e2fbcc91a5241 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb Size/MD5 checksum: 35940 0bb609f5c990c932c0fed843bb659062 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 84800 df6569c3eaad919b7f7768a75277838f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 91988 08040e0dcc8cc99298d40aa370be50cc http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 1624214 e5d55a0aeacee0d85d7899018725b3d3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 153956 e11bfd3cb812f0892238a676a3453967 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 171790 5b483d2f739ed456d94cf28047b2b2f5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 39548 181a14e58af274287bf02f8a758b70b5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 57398 715a6f4bb1b68b8a384a85ac384de668 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 1032836 e1d9158ff6134678b976331566db0076 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb Size/MD5 checksum: 999302 2ccf6ae0ef6f3d3dd56e484ba2199313 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb Size/MD5 checksum: 160638 f22f7da23cd3dea82d49cc9900d62512 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb Size/MD5 checksum: 138276 392028f61da2c29dcab1ffe3b4fe072f http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb Size/MD5 checksum: 1548856 e1e04e47f556586eb83aff005d4870d2 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb Size/MD5 checksum: 36474 9bea3cd926f04da508b6a714f0a1daac http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb Size/MD5 checksum: 86776 f3188eafaa1bd01a7b92d9403aab03a1 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb Size/MD5 checksum: 79878 ba1ed2b707101da54b3990b33ee1d877 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb Size/MD5 checksum: 53276 346cdebc7980089b28610ceb30f65519 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 106226 829b2e5f435c8fb5eee03513654ee12f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 106998 08fcec24b8c165542d986a1fd174ddd3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 46336 32d29b5c2986070f5d5b909864952dc3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 1771030 e7b261b4627ee20a3083a4f18a382e24 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 192370 576e218a37e677170e9201946f24da5a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 1108310 bdee8fbcfd10ba2847ab81ced8e9cc73 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 204232 d5eb2138a8584813643dfe4e39d2fefb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 74224 846a87584f78285569aee9c037b677d9 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 158560 74bc73b9eb3c7494ce762f7beb9ab4cd http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 1553460 cd35f3de34290840be09b1b10729d7b3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 150900 150e5405933cef2a8cf9147d88c9a4fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 57860 2b7cdd4399e2893d2df0b5568d766239 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 86996 d4776eace76cb37f72557a44d053a677 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 1085494 429194a44228d669ecfa2acdeadf55e6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 36058 f28b3f705fd293fc82a256d571119452 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 77448 4a9be71b3fc25253b1e77c2594e7f508 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 51880 d1b872415002b54aba1ef54833cd5564 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 90008 fe2be6aba034693532a01b653781f501 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 1576600 d954a84710f9671d34eca72922f8d1d8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 136868 ee633edb72a9d6d74481d9fe17d887d5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 1143388 320529a907596704df487d89978e1948 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 41296 8e0fed6ae1645411f4daa52842ead589 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 163206 d0fc59550e27b346adb422e4d82cecaf http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 88476 dfe47fbfeef0a714d6397ec9467165af s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb Size/MD5 checksum: 1037260 a151e36916ffd7eae88e6b82cc0c08d7 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb Size/MD5 checksum: 37420 b095022e25c603ee57748795c4ec423b http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb Size/MD5 checksum: 82338 3417e5562b6aa064ab5d3d11f15a69fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb Size/MD5 checksum: 87928 6eea10e5b223fbd5f5a8d524bb03ab8e http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb Size/MD5 checksum: 1587330 8b66abd7e3156f3beeaa27fbd971cbde http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb Size/MD5 checksum: 166710 10f172f4c48ab9981d7c48564a2142a4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb Size/MD5 checksum: 144932 3955c00c6293f7aec0a7cb9edb28a16d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb Size/MD5 checksum: 52524 b4e639621d58f91a8ec32043534c008f sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 51826 8e3613f9041774f1dd42586782780fb5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 159434 d2352f19b51feab43fc17b5e3f17bb2b http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 138734 8b53d144485267cb99ec8a32262446e8 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 1577758 748b77d9e54a363d46cd61548e72df7c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 996834 0ad8037cbb3959581a0aeb29eb84a853 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 85790 16bf4ce2378a68fc9b0ce4052e463e5d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 36062 426fe5dbac939828393d99e561abf0e3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 78608 f469105c5d9f121c333d5e4ac315c7be These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkj8vewACgkQXm3vHE4uylo3VQCfe5/oLteemHII7TUL80ybcnZd REIAn1hdR3STx867KCMafAi58O1fia05 =T/kw -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2008:211 http://www.mandriva.com/security/ _______________________________________________________________________ Package : cups Date : October 10, 2008 Affected: 2007.1, 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0 _______________________________________________________________________ Problem Description: A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered. An integer overflow flaw leading to a heap buffer overflow was found in the Text-to-PostScript texttops filter. Finally, an insufficient buffer bounds checking flaw was found in the HP-GL/2-to-PostScript hpgltops filter. The updated packages have been patched to prevent this issue; for Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided that corrects these issues and also provides other bug fixes. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.1: d8041b477aac8897e465fd7885c4f046 2007.1/i586/cups-1.2.10-2.8mdv2007.1.i586.rpm 85169e175683eee33f38c3dc6dca555d 2007.1/i586/cups-common-1.2.10-2.8mdv2007.1.i586.rpm 3838db5f9b5313587335232f4bdfadb7 2007.1/i586/cups-serial-1.2.10-2.8mdv2007.1.i586.rpm 4dac70286d0aaa55d0c585c4e485f4d6 2007.1/i586/libcups2-1.2.10-2.8mdv2007.1.i586.rpm 2647b541d7a80ea194d6cc4983342e14 2007.1/i586/libcups2-devel-1.2.10-2.8mdv2007.1.i586.rpm 5bf9cba238150a77016869b2b600e0bd 2007.1/i586/php-cups-1.2.10-2.8mdv2007.1.i586.rpm 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: 27098b09dc01c70600c55572cb928422 2007.1/x86_64/cups-1.2.10-2.8mdv2007.1.x86_64.rpm fbd01859759af3a2e32244cfff7aaa33 2007.1/x86_64/cups-common-1.2.10-2.8mdv2007.1.x86_64.rpm 4197004f7a59cc90d8d51f8ff34e2997 2007.1/x86_64/cups-serial-1.2.10-2.8mdv2007.1.x86_64.rpm 6cc45d922f07d379db0de2e08eb1589e 2007.1/x86_64/lib64cups2-1.2.10-2.8mdv2007.1.x86_64.rpm d7443db8a26f27b41c32c95dee129437 2007.1/x86_64/lib64cups2-devel-1.2.10-2.8mdv2007.1.x86_64.rpm eca467e20954fea23fd050ee41d2ca4a 2007.1/x86_64/php-cups-1.2.10-2.8mdv2007.1.x86_64.rpm 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm Mandriva Linux 2008.0: 837c0714eef677dfcdb1befc56012db5 2008.0/i586/cups-1.3.6-1.3mdv2008.0.i586.rpm cb8d17edacf1dc1dc5915fbb35745d9a 2008.0/i586/cups-common-1.3.6-1.3mdv2008.0.i586.rpm 635eb3405a6b5a4b93ca6373207093df 2008.0/i586/cups-serial-1.3.6-1.3mdv2008.0.i586.rpm 59939c1a2a730a0887750bafb4cabee1 2008.0/i586/libcups2-1.3.6-1.3mdv2008.0.i586.rpm 6183d24df353f4e8082374951636a657 2008.0/i586/libcups2-devel-1.3.6-1.3mdv2008.0.i586.rpm 0f1df17bf9cc86bb607ef28d4b29c6b2 2008.0/i586/php-cups-1.3.6-1.3mdv2008.0.i586.rpm 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 5b73d5bfebbc66f8a56922c7b943f351 2008.0/x86_64/cups-1.3.6-1.3mdv2008.0.x86_64.rpm a41d07d80c38b30ee5357b25f7b828ab 2008.0/x86_64/cups-common-1.3.6-1.3mdv2008.0.x86_64.rpm 34d6d4eb79b1ee5a9235843398301646 2008.0/x86_64/cups-serial-1.3.6-1.3mdv2008.0.x86_64.rpm 3157dcaafb55463d8ad149d99e4d0c55 2008.0/x86_64/lib64cups2-1.3.6-1.3mdv2008.0.x86_64.rpm 78b5f7fcedbbbef9c2318977b5f50264 2008.0/x86_64/lib64cups2-devel-1.3.6-1.3mdv2008.0.x86_64.rpm 082094f0923f72890f6dbb47eb9072b4 2008.0/x86_64/php-cups-1.3.6-1.3mdv2008.0.x86_64.rpm 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm Mandriva Linux 2008.1: c22f4c131005e05768b0c45e931015c7 2008.1/i586/cups-1.3.6-5.2mdv2008.1.i586.rpm 8f1ad7b01f0d48aa920cb2378f5fce0a 2008.1/i586/cups-common-1.3.6-5.2mdv2008.1.i586.rpm 763dfee5def4727b34769298beb5c9fe 2008.1/i586/cups-serial-1.3.6-5.2mdv2008.1.i586.rpm dadd48446b97869372535fb2ef02a471 2008.1/i586/libcups2-1.3.6-5.2mdv2008.1.i586.rpm cf48ae8c17120d7d83b638f432620797 2008.1/i586/libcups2-devel-1.3.6-5.2mdv2008.1.i586.rpm 33d7dcb6b32e58bc38e847f827447b54 2008.1/i586/php-cups-1.3.6-5.2mdv2008.1.i586.rpm 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 3804ff0deea819d375cdee86b1d98bf4 2008.1/x86_64/cups-1.3.6-5.2mdv2008.1.x86_64.rpm 9f8550ffbb7778636b18c33c6854e163 2008.1/x86_64/cups-common-1.3.6-5.2mdv2008.1.x86_64.rpm 077652b9f481f72873b6e94a0f54fe17 2008.1/x86_64/cups-serial-1.3.6-5.2mdv2008.1.x86_64.rpm 569bcdcf971b564d3ad3cec8b6281fec 2008.1/x86_64/lib64cups2-1.3.6-5.2mdv2008.1.x86_64.rpm 05ce67f5f2bf9f27b69963bbc0ba3f6e 2008.1/x86_64/lib64cups2-devel-1.3.6-5.2mdv2008.1.x86_64.rpm 8a48fbfa84679702c496744f394ac4f6 2008.1/x86_64/php-cups-1.3.6-5.2mdv2008.1.x86_64.rpm 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm Mandriva Linux 2009.0: 3480a3533f163c8559254c7dc7dccca4 2009.0/i586/cups-1.3.9-0.1mdv2009.0.i586.rpm 2eda3ae527a0d6477bf2f52f57f37297 2009.0/i586/cups-common-1.3.9-0.1mdv2009.0.i586.rpm 1b0849a0dcd6cc52debfdc23ca347e60 2009.0/i586/cups-serial-1.3.9-0.1mdv2009.0.i586.rpm 9ef6a24d1e8155bea9e7e148252dc4e7 2009.0/i586/libcups2-1.3.9-0.1mdv2009.0.i586.rpm 2a8be000df9a71f506a039e58faaf1b4 2009.0/i586/libcups2-devel-1.3.9-0.1mdv2009.0.i586.rpm 7f04461fd982b387144f73612b3cbd86 2009.0/i586/php-cups-1.3.9-0.1mdv2009.0.i586.rpm 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 926221e97b7c4c52562468b26066f049 2009.0/x86_64/cups-1.3.9-0.1mdv2009.0.x86_64.rpm 96abb10e235084a80cd17c79cc31a360 2009.0/x86_64/cups-common-1.3.9-0.1mdv2009.0.x86_64.rpm cb817300fa6d8c9b40a0f8a01572d691 2009.0/x86_64/cups-serial-1.3.9-0.1mdv2009.0.x86_64.rpm d56cea0645b26b668f9b8a66f2dc090f 2009.0/x86_64/lib64cups2-1.3.9-0.1mdv2009.0.x86_64.rpm f4a04369ad8d202d87ea49a3da4ab67c 2009.0/x86_64/lib64cups2-devel-1.3.9-0.1mdv2009.0.x86_64.rpm 85124180f179ae504ad2f27ef814683d 2009.0/x86_64/php-cups-1.3.9-0.1mdv2009.0.x86_64.rpm 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm Corporate 3.0: d235e680a70a94ce2c32a556a1fea6d5 corporate/3.0/i586/cups-1.1.20-5.19.C30mdk.i586.rpm eccffd52489f0aca14a11b6b88a5c59f corporate/3.0/i586/cups-common-1.1.20-5.19.C30mdk.i586.rpm 743aad40e707a1c6ec8de19e6ba19668 corporate/3.0/i586/cups-serial-1.1.20-5.19.C30mdk.i586.rpm 931bd82e26396ef7109369893e8fb740 corporate/3.0/i586/libcups2-1.1.20-5.19.C30mdk.i586.rpm 007b156ceb1f78c107a05bba499f544d corporate/3.0/i586/libcups2-devel-1.1.20-5.19.C30mdk.i586.rpm 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm Corporate 3.0/X86_64: c57219da87ef50832e74efbfd3471f64 corporate/3.0/x86_64/cups-1.1.20-5.19.C30mdk.x86_64.rpm 6f9772a800e70f1e3766d76de8dcf6e3 corporate/3.0/x86_64/cups-common-1.1.20-5.19.C30mdk.x86_64.rpm e1221063527caed05a6e94f9cebed9ab corporate/3.0/x86_64/cups-serial-1.1.20-5.19.C30mdk.x86_64.rpm a0b15b24cfc995a7a769c1e87d53a696 corporate/3.0/x86_64/lib64cups2-1.1.20-5.19.C30mdk.x86_64.rpm aaabff95ac9a30ff1d9ce224612bcb50 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.19.C30mdk.x86_64.rpm 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm Corporate 4.0: 56f3e394ac8e4b4e7d423c7989d2e6af corporate/4.0/i586/cups-1.2.4-0.10.20060mlcs4.i586.rpm dcb4425723e63a2d094305cde05890f3 corporate/4.0/i586/cups-common-1.2.4-0.10.20060mlcs4.i586.rpm 348427ebb4f1f1f530c3c129850de957 corporate/4.0/i586/cups-serial-1.2.4-0.10.20060mlcs4.i586.rpm d0a8052949416c5ba260b48596cbf415 corporate/4.0/i586/libcups2-1.2.4-0.10.20060mlcs4.i586.rpm ab7637abe249e4369cf39d37113ba37f corporate/4.0/i586/libcups2-devel-1.2.4-0.10.20060mlcs4.i586.rpm 86af12b21de1212e72286e9b2db23caa corporate/4.0/i586/php-cups-1.2.4-0.10.20060mlcs4.i586.rpm 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm Corporate 4.0/X86_64: 59784628a2385248e8d71c1476773071 corporate/4.0/x86_64/cups-1.2.4-0.10.20060mlcs4.x86_64.rpm a7933ad29b9a77973fcf7feb02c381b9 corporate/4.0/x86_64/cups-common-1.2.4-0.10.20060mlcs4.x86_64.rpm 26da08a5da63053f418e47792cf26280 corporate/4.0/x86_64/cups-serial-1.2.4-0.10.20060mlcs4.x86_64.rpm 0614662f2661171ade097e562a94c635 corporate/4.0/x86_64/lib64cups2-1.2.4-0.10.20060mlcs4.x86_64.rpm a899db16ce3db8ec71aaef67a6650616 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.10.20060mlcs4.x86_64.rpm 9e3dc91c4390d7ba60ca26dcc095b8d8 corporate/4.0/x86_64/php-cups-1.2.4-0.10.20060mlcs4.x86_64.rpm 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFI8DeJmqjQ0CJFipgRAmbxAKCxSRvJTtancZ/puQkgifGbRQnZIQCg6Bum EnuxPIlaIiQWBIjMSk4WWoo= =aMXC -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: CUPS: Multiple vulnerabilities Date: December 10, 2008 Bugs: #238976, #249727 ID: 200812-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Several remotely exploitable bugs have been found in CUPS, which allow remote execution of arbitrary code. Background ========== CUPS is the Common Unix Printing System. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-print/cups < 1.3.9-r1 >= 1.3.9-r1 Description =========== Several buffer overflows were found in: * The read_rle16 function in imagetops (CVE-2008-3639, found by regenrecht, reported via ZDI) * The WriteProlog function in texttops (CVE-2008-3640, found by regenrecht, reported via ZDI) * The Hewlett-Packard Graphics Language (HPGL) filter (CVE-2008-3641, found by regenrecht, reported via iDefense) * The _cupsImageReadPNG function (CVE-2008-5286, reported by iljavs) Impact ====== A remote attacker could send specially crafted input to a vulnerable server, resulting in the remote execution of arbitrary code with the privileges of the user running the server. Workaround ========== None this time. Resolution ========== All CUPS users should upgrade to the latest version. # emerge --sync # emerge --ask --oneshot --verbose ">=net-print/cups-1.3.9-r1" References ========== [ 1 ] CVE-2008-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 [ 2 ] CVE-2008-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 [ 3 ] CVE-2008-3641 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 [ 4 ] CVE-2008-5286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5286 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200812-11.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 4.14

sources: NVD: CVE-2008-3641 // CERT/CC: VU#442845 // JVNDB: JVNDB-2008-001826 // ZDI: ZDI-08-067 // BID: 31688 // BID: 31681 // VULHUB: VHN-33766 // PACKETSTORM: 70974 // PACKETSTORM: 70829 // PACKETSTORM: 38388 // PACKETSTORM: 71087 // PACKETSTORM: 70839 // PACKETSTORM: 72870

AFFECTED PRODUCTS

vendor:	apple	model:	cups	scope:	eq	version:	1.1.15	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.13	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.14	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.19	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.16	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.3	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.18	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.11	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.17	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.1.12	Trust: 1.6
vendor:	apple	model:	cups	scope:	eq	version:	1.2.8	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.7	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.9-1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.4	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.6	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6-1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.10	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.0	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.7	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.21	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6-2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.12	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.23	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.8	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.11	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.0	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.4	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.5-2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.10-1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.5	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.10	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.9	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.6	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.9	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.6-3	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.5	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.5-1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.20	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.22	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.5	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.1.4	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.3.7	Trust: 1.0
vendor:	apple	model:	cups	scope:	eq	version:	1.2.2	Trust: 1.0
vendor:	apple	model:	cups	scope:	lte	version:	1.3.8	Trust: 1.0
vendor:	drupal	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	gentoo linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	mandriva	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	pear xml rpc	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	phpxmlrpc	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	postnuke	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	red hat	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	serendipity	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	trustix secure linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ubuntu linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	wordpress	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	xoops	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	phpmyfaq	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cups	model:	cups	scope:	lt	version:	1.3.9	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.4.11	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.5.5	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.4.11	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.5.5	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86-64)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3.0	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3.0 (x86-64)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	4.0	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	4.0 (x86-64)	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	1.0 (hosting)	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	1.0 (workgroup)	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	2.0	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	3.0	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	3.0 (x64)	Trust: 0.8
vendor:	turbo linux	model:	turbolinux client	scope:	eq	version:	2008	Trust: 0.8
vendor:	turbo linux	model:	turbolinux fuji	scope:	-	version:	-	Trust: 0.8
vendor:	turbo linux	model:	turbolinux multimedia	scope:	-	version:	-	Trust: 0.8
vendor:	turbo linux	model:	turbolinux personal	scope:	-	version:	-	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	10	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	10 (x64)	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	11	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	11 (x64)	Trust: 0.8
vendor:	turbo linux	model:	wizpy	scope:	-	version:	-	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	3 (ws)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (ws)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	5 (server)	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	3.0	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	4.0	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	5.0 (client)	Trust: 0.8
vendor:	red hat	model:	rhel desktop workstation	scope:	eq	version:	5 (client)	Trust: 0.8
vendor:	apple	model:	os x	scope:	-	version:	-	Trust: 0.7
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.3	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.10	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.5	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.4	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.4	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.6	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.11	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.8	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.9	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.5	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.7	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.1	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.10	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.5	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.1	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.6	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.8	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.9	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.5	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.1	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.2	Trust: 0.6
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.7	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.2	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.3	Trust: 0.6
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.11	Trust: 0.6
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.10	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 95	scope:	-	version:	-	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.4	Trust: 0.3
vendor:	suse	model:	linux enterprise desktop sp2	scope:	eq	version:	10	Trust: 0.3
vendor:	turbolinux	model:	server	scope:	eq	version:	11x64	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.21	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 93	scope:	-	version:	-	Trust: 0.3
vendor:	rpath	model:	linux	scope:	eq	version:	1	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server x86 64	scope:	eq	version:	4.0	Trust: 0.3
vendor:	ubuntu	model:	linux lts powerpc	scope:	eq	version:	6.06	Trust: 0.3
vendor:	turbolinux	model:	appliance server	scope:	eq	version:	3.0	Trust: 0.3
vendor:	turbolinux	model:	server	scope:	eq	version:	11	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.4-5	Trust: 0.3
vendor:	avaya	model:	messaging storage server	scope:	eq	version:	3.1	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.3.5	Trust: 0.3
vendor:	pardus	model:	linux	scope:	eq	version:	20080	Trust: 0.3
vendor:	turbolinux	model:	personal	scope:	-	version:	-	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.4-2	Trust: 0.3
vendor:	turbolinux	model:	appliance server hosting edition	scope:	eq	version:	1.0	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.14	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	7.04	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	8.04	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.1	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.15	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2007.1	Trust: 0.3
vendor:	redhat	model:	desktop	scope:	eq	version:	4.0	Trust: 0.3
vendor:	ubuntu	model:	linux lts powerpc	scope:	eq	version:	8.04	Trust: 0.3
vendor:	avaya	model:	proactive contact	scope:	eq	version:	3.0	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	7.04	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.2.10	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 101a	scope:	-	version:	-	Trust: 0.3
vendor:	red	model:	hat enterprise linux desktop client	scope:	eq	version:	5	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 99	scope:	-	version:	-	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.13	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	6.06	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp2	scope:	eq	version:	10	Trust: 0.3
vendor:	avaya	model:	messaging storage server mm3.0	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 87	scope:	-	version:	-	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux ws	scope:	eq	version:	3	Trust: 0.3
vendor:	avaya	model:	messaging storage server	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 88	scope:	-	version:	-	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	messaging storage server	scope:	eq	version:	2.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2008.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux es	scope:	eq	version:	4	Trust: 0.3
vendor:	redhat	model:	enterprise linux es	scope:	eq	version:	3	Trust: 0.3
vendor:	avaya	model:	proactive contact	scope:	eq	version:	0	Trust: 0.3
vendor:	ubuntu	model:	linux lts sparc	scope:	eq	version:	8.04	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2008.1	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	6.06	Trust: 0.3
vendor:	turbolinux	model:	appliance server	scope:	eq	version:	2.0	Trust: 0.3
vendor:	easy	model:	software products cups rc5	scope:	eq	version:	1.1.19	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	8.04	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2007.1	Trust: 0.3
vendor:	ubuntu	model:	linux lpia	scope:	eq	version:	7.10	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 100	scope:	-	version:	-	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2009.0	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.4-3	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.22	Trust: 0.3
vendor:	debian	model:	linux alpha	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	4.0	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.18	Trust: 0.3
vendor:	debian	model:	linux mipsel	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	4.0	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.2.8	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp1	scope:	eq	version:	10	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.12	Trust: 0.3
vendor:	turbolinux	model:	fuji	scope:	eq	version:	0	Trust: 0.3
vendor:	red	model:	hat enterprise linux server	scope:	eq	version:	5	Trust: 0.3
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	8	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	12.1	Trust: 0.3
vendor:	rpath	model:	appliance platform linux service	scope:	eq	version:	2	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server x86 64	scope:	eq	version:	3.0	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	-	version:	-	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	7.10	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.0	Trust: 0.3
vendor:	ubuntu	model:	linux lts sparc	scope:	eq	version:	6.06	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	turbolinux	model:	appliance server workgroup edition	scope:	eq	version:	1.0	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	4.0	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 96	scope:	-	version:	-	Trust: 0.3
vendor:	easy	model:	software products cups rc1	scope:	eq	version:	1.1.22	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	3.1	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.3.3	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	redhat	model:	desktop	scope:	eq	version:	3.0	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	7.10	Trust: 0.3
vendor:	rpath	model:	appliance platform linux service	scope:	eq	version:	1	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop workstation client	scope:	eq	version:	5	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.3.6	Trust: 0.3
vendor:	ubuntu	model:	linux lts lpia	scope:	eq	version:	8.04	Trust: 0.3
vendor:	turbolinux	model:	server	scope:	eq	version:	10.0	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.2.9	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 91	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 89	scope:	-	version:	-	Trust: 0.3
vendor:	s u s e	model:	novell linux pos	scope:	eq	version:	9	Trust: 0.3
vendor:	avaya	model:	messaging storage server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	message networking mn	scope:	eq	version:	3.1	Trust: 0.3
vendor:	turbolinux	model:	wizpy	scope:	eq	version:	0	Trust: 0.3
vendor:	s u s e	model:	open-enterprise-server	scope:	eq	version:	0	Trust: 0.3
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	9	Trust: 0.3
vendor:	suse	model:	linux enterprise desktop sp1	scope:	eq	version:	10	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	ne	version:	1.3.9	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 94	scope:	-	version:	-	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.6	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 101	scope:	-	version:	-	Trust: 0.3
vendor:	debian	model:	linux m68k	scope:	eq	version:	4.0	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.2.12	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux	scope:	eq	version:	4.0	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.17	Trust: 0.3
vendor:	s u s e	model:	novell linux desktop	scope:	eq	version:	9.0	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	3.0	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 90	scope:	-	version:	-	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	7.10	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.2.4	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	4.0	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	10.2	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2008.1	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	4.0	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.3.2	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.23	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.20	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.0.4	Trust: 0.3
vendor:	debian	model:	linux hppa	scope:	eq	version:	4.0	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	7.10	Trust: 0.3
vendor:	turbolinux	model:	appliance server	scope:	eq	version:	3.0x64	Trust: 0.3
vendor:	suse	model:	opensuse	scope:	eq	version:	10.3	Trust: 0.3
vendor:	turbolinux	model:	client	scope:	eq	version:	2008	Trust: 0.3
vendor:	avaya	model:	proactive contact	scope:	eq	version:	4.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2008.0	Trust: 0.3
vendor:	avaya	model:	intuity audix lx	scope:	eq	version:	2.0	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 102	scope:	-	version:	-	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server	scope:	eq	version:	3.0	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.3.7	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	7.04	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.0.4-8	Trust: 0.3
vendor:	avaya	model:	messaging storage server	scope:	eq	version:	1.0	Trust: 0.3
vendor:	turbolinux	model:	server	scope:	eq	version:	10.0.0x64	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.7	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2009.0	Trust: 0.3
vendor:	easy	model:	software products cups rc1	scope:	eq	version:	1.1.23	Trust: 0.3
vendor:	red	model:	hat enterprise linux as	scope:	eq	version:	4	Trust: 0.3
vendor:	red	model:	hat enterprise linux as	scope:	eq	version:	3	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.16	Trust: 0.3
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.19	Trust: 0.3
vendor:	turbolinux	model:	multimedia	scope:	-	version:	-	Trust: 0.3
vendor:	sun	model:	opensolaris build snv 92	scope:	-	version:	-	Trust: 0.3
vendor:	rpath	model:	linux	scope:	eq	version:	2	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	7.04	Trust: 0.3

sources: CERT/CC: VU#442845 // ZDI: ZDI-08-067 // BID: 31688 // BID: 31681 // JVNDB: JVNDB-2008-001826 // CNNVD: CNNVD-200810-160 // NVD: CVE-2008-3641

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2008-3641
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#442845
value:	20.75
Trust: 0.8
NVD:	CVE-2008-3641
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200810-160
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-33766
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2008-3641
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-33766
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#442845 // VULHUB: VHN-33766 // JVNDB: JVNDB-2008-001826 // CNNVD: CNNVD-200810-160 // NVD: CVE-2008-3641

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-33766 // JVNDB: JVNDB-2008-001826 // NVD: CVE-2008-3641

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 70974 // PACKETSTORM: 70829 // PACKETSTORM: 72870 // CNNVD: CNNVD-200810-160

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-200810-160

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-001826

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-33766

PATCH

title:	HT3216	url:	http://support.apple.com/kb/HT3216	Trust: 1.5
title:	HT3216	url:	http://support.apple.com/kb/HT3216?viewlocale=ja_JP	Trust: 0.8
title:	cups-1.2.4-11.18.2.1AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=354	Trust: 0.8
title:	STR #2911	url:	http://www.cups.org/str.php?L2911	Trust: 0.8
title:	1352	url:	http://www.miraclelinux.com/update/linux/list.php?errata_id=1352	Trust: 0.8
title:	RHSA-2008:0937	url:	http://rhn.redhat.com/errata/RHSA-2008-0937.html	Trust: 0.8
title:	TLSA-2008-43	url:	http://www.turbolinux.com/security/2008/TLSA-2008-43.txt	Trust: 0.8
title:	RHSA-2008:0937	url:	http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0937J.html	Trust: 0.8
title:	TLSA-2008-43	url:	http://www.turbolinux.co.jp/security/2008/TLSA-2008-43j.txt	Trust: 0.8

sources: ZDI: ZDI-08-067 // JVNDB: JVNDB-2008-001826

EXTERNAL IDS

db:	NVD	id:	CVE-2008-3641	Trust: 4.3
db:	ZDI	id:	ZDI-08-067	Trust: 2.8
db:	BID	id:	31688	Trust: 2.8
db:	SECTRACK	id:	1021031	Trust: 2.5
db:	SECUNIA	id:	32222	Trust: 2.5
db:	SECUNIA	id:	32226	Trust: 2.5
db:	SECUNIA	id:	32084	Trust: 2.5
db:	BID	id:	31681	Trust: 2.0
db:	VUPEN	id:	ADV-2008-3401	Trust: 1.7
db:	VUPEN	id:	ADV-2008-2780	Trust: 1.7
db:	VUPEN	id:	ADV-2008-2782	Trust: 1.7
db:	VUPEN	id:	ADV-2009-1568	Trust: 1.7
db:	SECUNIA	id:	33568	Trust: 1.7
db:	SECUNIA	id:	32316	Trust: 1.7
db:	SECUNIA	id:	33111	Trust: 1.7
db:	SECUNIA	id:	33085	Trust: 1.7
db:	SECUNIA	id:	32284	Trust: 1.7
db:	SECUNIA	id:	32292	Trust: 1.7
db:	SECUNIA	id:	32331	Trust: 1.1
db:	SECUNIA	id:	15895	Trust: 0.9
db:	SECUNIA	id:	15810	Trust: 0.8
db:	SECUNIA	id:	15922	Trust: 0.8
db:	SECUNIA	id:	15852	Trust: 0.8
db:	SECUNIA	id:	15855	Trust: 0.8
db:	SECUNIA	id:	15861	Trust: 0.8
db:	SECUNIA	id:	15862	Trust: 0.8
db:	SECUNIA	id:	15872	Trust: 0.8
db:	SECUNIA	id:	15883	Trust: 0.8
db:	SECUNIA	id:	15884	Trust: 0.8
db:	BID	id:	14088	Trust: 0.8
db:	SECTRACK	id:	1014327	Trust: 0.8
db:	CERT/CC	id:	VU#442845	Trust: 0.8
db:	JVNDB	id:	JVNDB-2008-001826	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-367	Trust: 0.7
db:	CNNVD	id:	CNNVD-200810-160	Trust: 0.7
db:	CUPS.ORG	id:	HTTP://WWW.CUPS.ORG/ARTICLES.PHP?L575	Trust: 0.6
db:	REDHAT	id:	RHSA-2008:0937	Trust: 0.6
db:	GENTOO	id:	GLSA-200812-11	Trust: 0.6
db:	XF	id:	45779	Trust: 0.6
db:	BUGTRAQ	id:	20081010 ZDI-08-067: APPLE CUPS 1.3.7 (HP-GL/2 FILTER) REMOTE CODE EXECUTION VULNERABILITY	Trust: 0.6
db:	SUSE	id:	SUSE-SR:2008:021	Trust: 0.6
db:	SUSE	id:	SUSE-SR:2009:002	Trust: 0.6
db:	UBUNTU	id:	USN-656-1	Trust: 0.6
db:	SUNALERT	id:	261088	Trust: 0.6
db:	FEDORA	id:	FEDORA-2008-8801	Trust: 0.6
db:	FEDORA	id:	FEDORA-2008-8844	Trust: 0.6
db:	DEBIAN	id:	DSA-1656	Trust: 0.6
db:	APPLE	id:	APPLE-SA-2008-10-09	Trust: 0.6
db:	MANDRIVA	id:	MDVSA-2008:211	Trust: 0.6
db:	PACKETSTORM	id:	70829	Trust: 0.2
db:	EXPLOIT-DB	id:	32470	Trust: 0.1
db:	SEEBUG	id:	SSVID-85754	Trust: 0.1
db:	VULHUB	id:	VHN-33766	Trust: 0.1
db:	PACKETSTORM	id:	70974	Trust: 0.1
db:	PACKETSTORM	id:	38388	Trust: 0.1
db:	PACKETSTORM	id:	71087	Trust: 0.1
db:	PACKETSTORM	id:	70839	Trust: 0.1
db:	PACKETSTORM	id:	72870	Trust: 0.1

sources: CERT/CC: VU#442845 // ZDI: ZDI-08-067 // VULHUB: VHN-33766 // BID: 31688 // BID: 31681 // JVNDB: JVNDB-2008-001826 // PACKETSTORM: 70974 // PACKETSTORM: 70829 // PACKETSTORM: 38388 // PACKETSTORM: 71087 // PACKETSTORM: 70839 // PACKETSTORM: 72870 // CNNVD: CNNVD-200810-160 // NVD: CVE-2008-3641

REFERENCES

url:	http://support.apple.com/kb/ht3216	Trust: 3.1
url:	http://www.securityfocus.com/bid/31688	Trust: 2.5
url:	http://www.securitytracker.com/id?1021031	Trust: 2.5
url:	http://secunia.com/advisories/32084	Trust: 2.5
url:	http://secunia.com/advisories/32222	Trust: 2.5
url:	http://secunia.com/advisories/32226	Trust: 2.5
url:	http://support.avaya.com/elmodocs2/security/asa-2008-470.htm	Trust: 2.0
url:	http://www.cups.org/str.php?l2911	Trust: 2.0
url:	http://www.zerodayinitiative.com/advisories/zdi-08-067	Trust: 1.8
url:	http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/31681	Trust: 1.7
url:	http://www.debian.org/security/2008/dsa-1656	Trust: 1.7
url:	https://www.redhat.com/archives/fedora-package-announce/2008-october/msg00331.html	Trust: 1.7
url:	https://www.redhat.com/archives/fedora-package-announce/2008-october/msg00380.html	Trust: 1.7
url:	http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml	Trust: 1.7
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2008:211	Trust: 1.7
url:	http://www.redhat.com/support/errata/rhsa-2008-0937.html	Trust: 1.7
url:	http://secunia.com/advisories/32284	Trust: 1.7
url:	http://secunia.com/advisories/32292	Trust: 1.7
url:	http://secunia.com/advisories/32316	Trust: 1.7
url:	http://secunia.com/advisories/33085	Trust: 1.7
url:	http://secunia.com/advisories/33111	Trust: 1.7
url:	http://secunia.com/advisories/33568	Trust: 1.7
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2009/1568	Trust: 1.7
url:	http://www.cups.org/articles.php?l575	Trust: 1.4
url:	http://www.frsirt.com/english/advisories/2008/2782	Trust: 1.4
url:	http://www.frsirt.com/english/advisories/2008/2780	Trust: 1.4
url:	http://www.securityfocus.com/archive/1/497221/100/0/threaded	Trust: 1.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9666	Trust: 1.1
url:	http://secunia.com/advisories/32331	Trust: 1.1
url:	https://usn.ubuntu.com/656-1/	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2008/2780	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2008/2782	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2008/3401	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/45779	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3641	Trust: 1.0
url:	http://secunia.com/advisories/15895/	Trust: 0.9
url:	http://secunia.com/advisories/15852/	Trust: 0.9
url:	http://www.hardened-php.net/advisory-022005.php	Trust: 0.8
url:	http://secunia.com/advisories/15861/	Trust: 0.8
url:	http://secunia.com/advisories/15862/	Trust: 0.8
url:	http://secunia.com/advisories/15884/	Trust: 0.8
url:	http://secunia.com/advisories/15883/	Trust: 0.8
url:	http://news.postnuke.com/modules.php?op=modload&name=news&file=article&sid=2699	Trust: 0.8
url:	http://secunia.com/advisories/15855/	Trust: 0.8
url:	http://secunia.com/advisories/15810/	Trust: 0.8
url:	http://secunia.com/advisories/15872/	Trust: 0.8
url:	http://secunia.com/advisories/15922/	Trust: 0.8
url:	http://securitytracker.com/alerts/2005/jun/1014327.html	Trust: 0.8
url:	http://www.gulftech.org/?node=research&article_id=00088-07022005	Trust: 0.8
url:	http://www.gulftech.org/?node=research&article_id=00087-07012005	Trust: 0.8
url:	http://www.securityfocus.com/bid/14088	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3641	Trust: 0.8
url:	http://www.apple.com/macosx/	Trust: 0.6
url:	http://cups.org/articles.php?l575	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/45779	Trust: 0.6
url:	http://www.ubuntulinux.org/support/documentation/usn/usn-656-1	Trust: 0.6
url:	http://www.securityfocus.com/archive/1/archive/1/497221/100/0/threaded	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2008/3401	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2008-3641	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2008-3639	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2008-3640	Trust: 0.4
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-66-261088-1	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-08-067/	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3639	Trust: 0.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3640	Trust: 0.2
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2008-1722	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb	Trust: 0.1
url:	http://www.zerodayinitiative.com/advisories/disclosure_policy/	Trust: 0.1
url:	http://www.tippingpoint.com	Trust: 0.1
url:	http://www.zerodayinitiative.com	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/3699/	Trust: 0.1
url:	http://sourceforge.net/project/showfiles.php?group_id=66479	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb	Trust: 0.1
url:	http://www.debian.org/security/faq	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb	Trust: 0.1
url:	http://security.debian.org/	Trust: 0.1
url:	http://www.debian.org/security/	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb	Trust: 0.1
url:	http://packages.debian.org/<pkg>	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb	Trust: 0.1
url:	http://www.mandriva.com/security/	Trust: 0.1
url:	http://secunia.com/	Trust: 0.1
url:	http://www.mandriva.com/security/advisories	Trust: 0.1
url:	http://lists.grok.org.uk/full-disclosure-charter.html	Trust: 0.1
url:	http://bugs.gentoo.org.	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2008-5286	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5286	Trust: 0.1
url:	http://security.gentoo.org/glsa/glsa-200812-11.xml	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1

CREDITS

regenrecht

Trust: 0.7

sources: ZDI: ZDI-08-067

SOURCES

db:	CERT/CC	id:	VU#442845
db:	ZDI	id:	ZDI-08-067
db:	VULHUB	id:	VHN-33766
db:	BID	id:	31688
db:	BID	id:	31681
db:	JVNDB	id:	JVNDB-2008-001826
db:	PACKETSTORM	id:	70974
db:	PACKETSTORM	id:	70829
db:	PACKETSTORM	id:	38388
db:	PACKETSTORM	id:	71087
db:	PACKETSTORM	id:	70839
db:	PACKETSTORM	id:	72870
db:	CNNVD	id:	CNNVD-200810-160
db:	NVD	id:	CVE-2008-3641

LAST UPDATE DATE

2024-09-19T22:33:23.952000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#442845	date:	2007-03-09T00:00:00
db:	ZDI	id:	ZDI-08-067	date:	2008-10-09T00:00:00
db:	VULHUB	id:	VHN-33766	date:	2018-10-11T00:00:00
db:	BID	id:	31688	date:	2015-05-07T17:05:00
db:	BID	id:	31681	date:	2009-03-24T16:56:00
db:	JVNDB	id:	JVNDB-2008-001826	date:	2008-12-25T00:00:00
db:	CNNVD	id:	CNNVD-200810-160	date:	2009-06-19T00:00:00
db:	NVD	id:	CVE-2008-3641	date:	2018-10-11T20:48:49.163

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#442845	date:	2005-07-06T00:00:00
db:	ZDI	id:	ZDI-08-067	date:	2008-10-09T00:00:00
db:	VULHUB	id:	VHN-33766	date:	2008-10-10T00:00:00
db:	BID	id:	31688	date:	2008-10-09T00:00:00
db:	BID	id:	31681	date:	2008-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2008-001826	date:	2008-11-10T00:00:00
db:	PACKETSTORM	id:	70974	date:	2008-10-16T00:26:26
db:	PACKETSTORM	id:	70829	date:	2008-10-11T18:39:14
db:	PACKETSTORM	id:	38388	date:	2005-07-01T23:31:00
db:	PACKETSTORM	id:	71087	date:	2008-10-21T00:23:21
db:	PACKETSTORM	id:	70839	date:	2008-10-11T19:00:49
db:	PACKETSTORM	id:	72870	date:	2008-12-10T23:04:12
db:	CNNVD	id:	CNNVD-200810-160	date:	2007-05-16T00:00:00
db:	NVD	id:	CVE-2008-3641	date:	2008-10-10T10:30:03.077