CUPS 'cupsd' RSS Subscription NULL Pointer Dereference Local Denial of Service Vulnerability

BUGTRAQ ID: 32419
CVE ID:CVE-2008-5183
CNCVE ID:CNCVE-20085183

Vulnerability published: 2008-11-20

Cause
Design error

Affected systems
Easy Software Products CUPS 1.3.7
Easy Software Products CUPS 1.3.6
Easy Software Products CUPS 1.3.5
Easy Software Products CUPS 1.3.3
Easy Software Products CUPS 1.3.2
Easy Software Products CUPS 1.2.12
Easy Software Products CUPS 1.2.10
Easy Software Products CUPS 1.2.9
Easy Software Products CUPS 1.2.8
Easy Software Products CUPS 1.2.4
Easy Software Products CUPS 1.2.2
Easy Software Products CUPS 1.1.23 rc1
+ Gentoo Linux
Easy Software Products CUPS 1.1.23
+ Gentoo Linux
Easy Software Products CUPS 1.1.22 rc1
Easy Software Products CUPS 1.1.22
Easy Software Products CUPS 1.1.21
+ MandrakeSoft Linux Mandrake 10.1 x86_64
+ MandrakeSoft Linux Mandrake 10.1
Easy Software Products CUPS 1.1.20
+ ALT Linux ALT Linux Compact 2.3
+ ALT Linux ALT Linux Junior 2.3
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ MandrakeSoft apcupsd 2006.0
+ MandrakeSoft Linux Mandrake 10.0 AMD64
+ MandrakeSoft Linux Mandrake 10.0
+ S.u.S.E. Linux Personal 9.1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Easy Software Products CUPS 1.1.19 rc5
Easy Software Products CUPS 1.1.19
+ MandrakeSoft Linux Mandrake 9.2 amd64
+ MandrakeSoft Linux Mandrake 9.2
+ Turbolinux Appliance Server 1.0 Workgroup Edition
+ Turbolinux Appliance Server 1.0 Hosting Edition
+ Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Home
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Workstation 8.0
Easy Software Products CUPS 1.1.18
+ Conectiva Linux 9.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Linux Mandrake 9.0
+ MandrakeSoft Multi Network Firewall 2.0
+ S.u.S.E. Linux Personal 8.2
Easy Software Products CUPS 1.1.17
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux AS 3
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
Easy Software Products CUPS 1.1.16
+ MandrakeSoft Linux Mandrake 9.0
Easy Software Products CUPS 1.1.15
+ Conectiva Linux Enterprise Edition 1.0
+ S.u.S.E. Linux 8.1
Easy Software Products CUPS 1.1.14
+ Conectiva Linux 8.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ MandrakeSoft Linux Mandrake 8.2 ppc
+ MandrakeSoft Linux Mandrake 8.2
Easy Software Products CUPS 1.1.13
Easy Software Products CUPS 1.1.12
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
Easy Software Products CUPS 1.1.10
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ MandrakeSoft Linux Mandrake 8.1 ia64
+ MandrakeSoft Linux Mandrake 8.1
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
Easy Software Products CUPS 1.1.7
Easy Software Products CUPS 1.1.6
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ MandrakeSoft Linux Mandrake 8.0 ppc
+ MandrakeSoft Linux Mandrake 8.0
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
Easy Software Products CUPS 1.1.4 -5
Easy Software Products CUPS 1.1.4 -3
+ MandrakeSoft Linux Mandrake 7.2
Easy Software Products CUPS 1.1.4 -2
+ Debian Linux 2.3
Easy Software Products CUPS 1.1.4
+ Debian Linux 2.3
+ MandrakeSoft Linux Mandrake 7.2
Easy Software Products CUPS 1.1.1
+ RedHat PowerTools 7.0
Easy Software Products CUPS 1.0.4 -8
+ Debian Linux 2.2
Easy Software Products CUPS 1.0.4
+ Debian Linux 2.2
DrPhibez and Nitro187 Guild FTPD 1.1.19 rc5

Unaffected systems
Easy Software Products CUPS 1.3.8

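Impact
A local attacker can exploit this vulnerability to cause a denial of service in the service program.

Conditions required for the attack
The attacker must have access to CUPS.

Vulnerability information
Common Unix Printing System (CUPS) is a general-purpose printing system for Unix, a cross-platform printing solution for Unix environments that is based on the Internet Printing Protocol and serves most PostScript and raster printers.
CUPS 'cupsd' has a NULL pointer dereference in its RSS subscription handling; a local attacker can exploit it to cause a denial of service in the service program.
No detailed vulnerability information is currently available.

Test method

Vendor solution
Contact the vendor for patch information: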
http://www.cups.org/

Vulnerability reported by
Adrian 'pagvac' Pastor from GNUCITIZEN

Advisory link
http://lab.gnucitizen.org/projects/cups-0day

Advisory title
cups-0da

Source: http://www.venustech.com.cn/

 
