CUPS Internet Printing Protocol denial of service

cups-ipp-dos (13584)

Low Risk

Description:

Common Unix Printing System (CUPS) is vulnerable to a denial of service. By connecting to TCP port 631, a local attacker can cause a denial of service in the Internet Printing Protocol (IPP) and cause IPP to enter into an infinite loop.

Platforms Affected:

• Conectiva, Linux 7.0
• Conectiva, Linux 8.0
• Conectiva, Linux 9.0
• Easy Software Products, CUPS 1.1.19
• MandrakeSoft, Mandrake Linux 9.0
• MandrakeSoft, Mandrake Linux Corporate Server 2.1 X86_64
• MandrakeSoft, Mandrake Linux Corporate Server 2.1
• RedHat, Linux 7
• RedHat, Linux 7.1
• RedHat, Linux 7.2
• RedHat, Linux 7.3
• RedHat, Linux 8.0
• RedHat, Linux 9.0
• SCO, Caldera OpenLinux Server 3.1.1
• SCO, Caldera OpenLinux Workstation 3.1.1
• Turbolinux, Turbolinux 8 Server
• Turbolinux, Turbolinux 8 Workstation

Remedy:

Upgrade to the latest version of CUPS (1.2 or later), available from the CUPS Web site. See References.

For Red Hat Linux:
Upgrade to the latest cups package, as listed below. Refer to RHSA-2003:275-07 for more information. See References.

Red Hat Linux 8.0: 1.1.17-0.9 or later
Red Hat Linux 9: 1.1.17-13.3.0.3 or later

For Conectiva Linux:
Upgrade to the latest cups package, as listed below. Refer to Conectiva Linux Security Announcement CLSA-2003:779 for more information. See References.

Conectiva Linux 7.0: 1.1.14-1U70_5cl or later
Conectiva Linux 8: 1.1.14-2U80_5cl or later
Conectiva Linux 9: 1.1.18-29091U90_2cl or later

For Turbolinux:
Upgrade to the latest cups package (1.1.19-11 or later), as listed in Turbolinux Security Advisory TLSA-2003-63. See References.

For Caldera OpenLinux 3.1.1 (Server and Workstation):
Upgrade to the latest cups package (1.1.20-1 or later), as listed in SCO Security Advisory CSSA-2004-012.0. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

Consequences:

Denial of Service

References:

• Bugzilla Bug 97958, IPP at 100% processor doing nothing useful. at http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=97958.
• Conectiva Linux Security Announcement CLSA-2003:779, cups at http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000779.
• CUPS Web site, Software - Common UNIX Printing System at http://www.cups.org/software.php.
• SCO Security Advisory CSSA-2004-012.0, OpenLinux: cups denial of service vulnerability at http://www.linuxsecurity.com/content/view/105814/98/. (From LinuxSecurity archive)
• BID-8952: Cups Internet Printing Protocol Job Loop Denial Of Service Vulnerability
• CVE-2003-0788: Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denial of service (CPU consumption from a busy loop) via certain inputs to the IPP port (TCP 631).
• MDKSA-2003:104: Updated CUPS packages fix denial of service vulnerability
• RHSA-2003-275: Updated CUPS packages fix denial of service
• SA10123: CUPS Unspecified Denial of Service Vulnerability

Reported:

Jun 24, 2003

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net

Return to the main page