Slackware 12.0 / current : cups (SSA:2008-094-01)

high Nessus Plugin ID 31740

Synopsis

The remote Slackware host is missing a security update.

Description

New cups packages are available for Slackware 12.0, and -current to fix security issues. The change from CUPS 1.2.x to CUPS 1.3.x was tested here, but if you're on a completely secured internal network these issues may be less of a risk than upgrading. If your IPP port is open to the internet, you'd be advised to upgrade as soon as possible (or firewall the port at the gateway if you're not in need of printer jobs coming in from the internet).

Solution

Update the affected cups package.

See Also

http://www.nessus.org/u?93a345b8

Plugin Details

Severity: High

ID: 31740

File Name: Slackware_SSA_2008-094-01.nasl

Version: 1.16

Type: local

Published: 4/4/2008

Updated: 1/14/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:cups, cpe:/o:slackware:slackware_linux, cpe:/o:slackware:slackware_linux:12.0

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Exploit Ease: No known exploits are available

Patch Publication Date: 4/3/2008

Reference Information

CVE: CVE-2008-0047, CVE-2008-1373

BID: 28307, 28544

CWE: 119

SSA: 2008-094-01