ID

VAR-201502-0428


CVE

CVE-2014-9679


TITLE

Integer underflow vulnerability in the cupsRasterReadPixels function in filter/raster.c in CUPS

Trust: 0.8

sources: JVNDB: JVNDB-2015-001562

DESCRIPTION

Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow. CUPS cupsRasterReadPixels is prone to a buffer overflow vulnerability because it fails to perform adequate boundary checks. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts likely result in denial-of-service conditions. The system is based on the Internet Printing Protocol (IPP) and provides most PostScript and raster printer services.

=====================================================================
Red Hat Security Advisory

Synopsis: Important: cups security update
Advisory ID: RHSA-2015:1123-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1123.html
Issue date: 2015-06-17
CVE Names: CVE-2014-9679 CVE-2015-1158 CVE-2015-1159
=====================================================================

1. Summary:

Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems.

A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker can submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged operations, allowing a replacement configuration file to be uploaded which in turn allows the attacker to run arbitrary code in the CUPS server (CVE-2015-1158)

A cross-site scripting flaw was found in the cups web templating engine. An attacker could use this flaw to bypass the default configuration settings that bind the CUPS scheduler to the 'localhost' or loopback interface.

An attacker could create a specially-crafted image file, which when passed via the cups Raster filter, could cause the cups filter to crash. (CVE-2014-9679)

Red Hat would like to thank the CERT/CC for reporting CVE-2015-1158 and CVE-2015-1159 issues.

All cups users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the cupsd daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1191588 - CVE-2014-9679 cups: cupsRasterReadPixels buffer overflow
1221641 - CVE-2015-1158 cups: incorrect string reference counting (VU#810572)
1221642 - CVE-2015-1159 cups: cross-site scripting flaw in CUPS web UI (VU#810572)

6. Package List:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2014-9679
https://access.redhat.com/security/cve/CVE-2015-1158
https://access.redhat.com/security/cve/CVE-2015-1159
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2015 Red Hat, Inc.

In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd (CVE-2014-3537).

It was discovered that the web interface in CUPS incorrectly validated permissions on rss files and directory index files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation (CVE-2014-5029, CVE-2014-5030, CVE-2014-5031).
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2856
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9679
http://advisories.mageia.org/MGASA-2014-0193.html
http://advisories.mageia.org/MGASA-2014-0313.html
http://advisories.mageia.org/MGASA-2015-0067.html
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 2/X86_64:
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>

For the stable distribution (wheezy), this problem has been fixed in version 1.5.3-5+deb7u5.

For the upcoming stable distribution (jessie) and unstable distribution (sid), this problem has been fixed in version 1.7.5-11.

We recommend that you upgrade your cups packages.

============================================================================
Ubuntu Security Notice USN-2520-1
February 26, 2015

cups vulnerability
============================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

CUPS could be made to crash or run programs if it processed a specially crafted file.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.10:
  cups 1.7.5-3ubuntu3.1

Ubuntu 14.04 LTS:
  cups 1.7.2-0ubuntu1.5

Ubuntu 12.04 LTS:
  cups 1.5.3-0ubuntu8.6

Ubuntu 10.04 LTS:
  cups 1.4.3-1ubuntu1.14

In general, a standard system update will make all the necessary changes

Trust: 2.52

sources: NVD: CVE-2014-9679 // JVNDB: JVNDB-2015-001562 // BID: 72594 // VULHUB: VHN-77624 // VULMON: CVE-2014-9679 // PACKETSTORM: 132346 // PACKETSTORM: 131116 // PACKETSTORM: 130542 // PACKETSTORM: 130600 // PACKETSTORM: 130552

AFFECTED PRODUCTS

vendor: apple | model: cups | scope: lte | version: 2.0.1

Trust: 1.0

vendor: apple | model: cups | scope: lt | version: 2.0.2

Trust: 0.8

vendor: apple | model: cups | scope: eq | version: 2.0.1

Trust: 0.6

vendor: ubuntu | model: linux lts i386 | scope: eq | version: 12.04

Trust: 0.3

vendor: ubuntu | model: linux lts amd64 | scope: eq | version: 12.04

Trust: 0.3

vendor: ubuntu | model: linux sparc | scope: eq | version: 10.04

Trust: 0.3

vendor: ubuntu | model: linux powerpc | scope: eq | version: 10.04

Trust: 0.3

vendor: ubuntu | model: linux i386 | scope: eq | version: 10.04

Trust: 0.3

vendor: ubuntu | model: linux arm | scope: eq | version: 10.04

Trust: 0.3

vendor: ubuntu | model: linux amd64 | scope: eq | version: 10.04

Trust: 0.3

vendor: red hat | model: enterprise linux workstation | scope: eq | version: 6

Trust: 0.3

vendor: red hat | model: enterprise linux server | scope: eq | version: 6

Trust: 0.3

vendor: red hat | model: enterprise linux hpc node | scope: eq | version: 6

Trust: 0.3

vendor: red hat | model: enterprise linux desktop | scope: eq | version: 6

Trust: 0.3

vendor: debian | model: linux sparc | scope: eq | version: 6.0

Trust: 0.3

vendor: debian | model: linux s/390 | scope: eq | version: 6.0

Trust: 0.3

vendor: debian | model: linux powerpc | scope: eq | version: 6.0

Trust: 0.3

vendor: debian | model: linux mips | scope: eq | version: 6.0

Trust: 0.3

vendor: debian | model: linux ia-64 | scope: eq | version: 6.0

Trust: 0.3

vendor: debian | model: linux ia-32 | scope: eq | version: 6.0

Trust: 0.3

vendor: debian | model: linux arm | scope: eq | version: 6.0

Trust: 0.3

vendor: debian | model: linux amd64 | scope: eq | version: 6.0

Trust: 0.3

vendor: avaya | model: aura experience portal | scope: eq | version: 6.0

Trust: 0.3

sources: BID: 72594 // JVNDB: JVNDB-2015-001562 // CNNVD: CNNVD-201502-325 // NVD: CVE-2014-9679

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-9679
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-9679
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201502-325
value: MEDIUM

Trust: 0.6

VULHUB: VHN-77624
value: MEDIUM

Trust: 0.1

VULMON: CVE-2014-9679
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-9679
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-77624
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-77624 // VULMON: CVE-2014-9679 // JVNDB: JVNDB-2015-001562 // CNNVD: CNNVD-201502-325 // NVD: CVE-2014-9679

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-77624 // JVNDB: JVNDB-2015-001562 // NVD: CVE-2014-9679

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 130542 // PACKETSTORM: 130552 // CNNVD: CNNVD-201502-325

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201502-325

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-001562

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-77624

PATCH

title: CUPS 2.0.2 | url: https://www.cups.org/index.php

Trust: 0.8

title: cups-2.0.2-source | url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54144

Trust: 0.6

title: cups-2.0.2-source | url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54145

Trust: 0.6

title: Debian CVElist Bug Report Logs: cups: CVE-2014-9679 | url: https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=1a87d56755db0065c2a0c7449dd4e2be

Trust: 0.1

title: Debian CVElist Bug Report Logs: cups: CVE-2014-9679 | url: https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=e71ef12eceb0d70c4961d9f82bfceb82

Trust: 0.1

title: Ubuntu Security Notice: cups vulnerability | url: https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-2520-1

Trust: 0.1

title: Debian Security Advisories: DSA-3172-1 cups -- security update | url: https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=ce7961d5d53ed439bb84237c6de63fd6

Trust: 0.1

title: Amazon Linux AMI: ALAS-2015-559 | url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2015-559

Trust: 0.1

title: Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016 | url: https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=976a4da35d55283870dbb31b88a6c655

Trust: 0.1

title: afl-cve | url: https://github.com/mrash/afl-cve

Trust: 0.1

sources: VULMON: CVE-2014-9679 // JVNDB: JVNDB-2015-001562 // CNNVD: CNNVD-201502-325

EXTERNAL IDS

db: NVD | id: CVE-2014-9679

Trust: 3.4

db: BID | id: 72594

Trust: 1.5

db: SECTRACK | id: 1031776

Trust: 1.2

db: OPENWALL | id: OSS-SECURITY/2015/02/10/15

Trust: 1.2

db: OPENWALL | id: OSS-SECURITY/2015/02/12/12

Trust: 1.2

db: JVNDB | id: JVNDB-2015-001562

Trust: 0.8

db: AUSCERT | id: ESB-2020.2340

Trust: 0.6

db: CNNVD | id: CNNVD-201502-325

Trust: 0.6

db: PACKETSTORM | id: 132346

Trust: 0.2

db: PACKETSTORM | id: 130542

Trust: 0.2

db: PACKETSTORM | id: 130600

Trust: 0.2

db: PACKETSTORM | id: 130552

Trust: 0.2

db: VULHUB | id: VHN-77624

Trust: 0.1

db: VULMON | id: CVE-2014-9679

Trust: 0.1

db: PACKETSTORM | id: 131116

Trust: 0.1

sources: VULHUB: VHN-77624 // VULMON: CVE-2014-9679 // BID: 72594 // JVNDB: JVNDB-2015-001562 // PACKETSTORM: 132346 // PACKETSTORM: 131116 // PACKETSTORM: 130542 // PACKETSTORM: 130600 // PACKETSTORM: 130552 // CNNVD: CNNVD-201502-325 // NVD: CVE-2014-9679

REFERENCES

url:http://advisories.mageia.org/mgasa-2015-0067.html

Trust: 1.4

url:http://rhn.redhat.com/errata/rhsa-2015-1123.html

Trust: 1.3

url:http://www.ubuntu.com/usn/usn-2520-1

Trust: 1.3

url:http://www.securityfocus.com/bid/72594

Trust: 1.2

url:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Trust: 1.2

url:https://www.cups.org/str.php?l4551

Trust: 1.2

url:http://www.debian.org/security/2015/dsa-3172

Trust: 1.2

url:http://lists.fedoraproject.org/pipermail/package-announce/2015-february/150177.html

Trust: 1.2

url:http://lists.fedoraproject.org/pipermail/package-announce/2015-february/150171.html

Trust: 1.2

url:https://security.gentoo.org/glsa/201607-06

Trust: 1.2

url:http://www.mandriva.com/security/advisories?name=mdvsa-2015:049

Trust: 1.2

url:http://www.mandriva.com/security/advisories?name=mdvsa-2015:108

Trust: 1.2

url:http://www.openwall.com/lists/oss-security/2015/02/10/15

Trust: 1.2

url:http://www.openwall.com/lists/oss-security/2015/02/12/12

Trust: 1.2

url:http://www.securitytracker.com/id/1031776

Trust: 1.2

url:http://lists.opensuse.org/opensuse-updates/2015-02/msg00098.html

Trust: 1.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9679

Trust: 1.0

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9679

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2020.2340/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2014-9679

Trust: 0.5

url:http://www.cups.org/

Trust: 0.3

url:http://www.mandriva.com/en/support/security/

Trust: 0.2

url:http://www.mandriva.com/en/support/security/advisories/

Trust: 0.2

url:http://www.debian.org/security/

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508021

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=37545

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://usn.ubuntu.com/2520-1/

Trust: 0.1

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-1158

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2014-9679

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-1158

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-1159

Trust: 0.1

url:https://bugzilla.redhat.com/

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-1159

Trust: 0.1

url:https://access.redhat.com/security/team/contact/

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5031

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3537

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-5029

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-5030

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-3537

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-2856

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5029

Trust: 0.1

url:http://advisories.mageia.org/mgasa-2014-0193.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-5031

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5030

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2856

Trust: 0.1

url:http://advisories.mageia.org/mgasa-2014-0313.html

Trust: 0.1

url:http://www.debian.org/security/faq

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/cups/1.7.5-3ubuntu3.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/cups/1.7.2-0ubuntu1.5

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/cups/1.4.3-1ubuntu1.14

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/cups/1.5.3-0ubuntu8.6

Trust: 0.1

sources: VULHUB: VHN-77624 // VULMON: CVE-2014-9679 // BID: 72594 // JVNDB: JVNDB-2015-001562 // PACKETSTORM: 132346 // PACKETSTORM: 131116 // PACKETSTORM: 130542 // PACKETSTORM: 130600 // PACKETSTORM: 130552 // CNNVD: CNNVD-201502-325 // NVD: CVE-2014-9679

CREDITS

Peter De Wachter

Trust: 0.9

sources: BID: 72594 // CNNVD: CNNVD-201502-325

SOURCES

db: VULHUB | id: VHN-77624
db: VULMON | id: CVE-2014-9679
db: BID | id: 72594
db: JVNDB | id: JVNDB-2015-001562
db: PACKETSTORM | id: 132346
db: PACKETSTORM | id: 131116
db: PACKETSTORM | id: 130542
db: PACKETSTORM | id: 130600
db: PACKETSTORM | id: 130552
db: CNNVD | id: CNNVD-201502-325
db: NVD | id: CVE-2014-9679

LAST UPDATE DATE

2024-11-23T20:54:17.012000+00:00


SOURCES UPDATE DATE

db: VULHUB | id: VHN-77624 | date: 2018-10-30T00:00:00
db: VULMON | id: CVE-2014-9679 | date: 2018-10-30T00:00:00
db: BID | id: 72594 | date: 2016-07-06T15:03:00
db: JVNDB | id: JVNDB-2015-001562 | date: 2015-02-24T00:00:00
db: CNNVD | id: CNNVD-201502-325 | date: 2020-07-10T00:00:00
db: NVD | id: CVE-2014-9679 | date: 2024-11-21T02:21:25.603

SOURCES RELEASE DATE

db: VULHUB | id: VHN-77624 | date: 2015-02-19T00:00:00
db: VULMON | id: CVE-2014-9679 | date: 2015-02-19T00:00:00
db: BID | id: 72594 | date: 2015-02-10T00:00:00
db: JVNDB | id: JVNDB-2015-001562 | date: 2015-02-24T00:00:00
db: PACKETSTORM | id: 132346 | date: 2015-06-17T23:50:32
db: PACKETSTORM | id: 131116 | date: 2015-03-30T21:33:02
db: PACKETSTORM | id: 130542 | date: 2015-02-26T17:12:29
db: PACKETSTORM | id: 130600 | date: 2015-03-02T17:24:01
db: PACKETSTORM | id: 130552 | date: 2015-02-26T17:14:29
db: CNNVD | id: CNNVD-201502-325 | date: 2015-02-15T00:00:00
db: NVD | id: CVE-2014-9679 | date: 2015-02-19T15:59:11.313