CVE-2002-1372
CVSS5.0
发布时间 :2002-12-26 00:00:00
修订时间 :2016-10-17 22:26:26
NMCOS    

[原文]Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.


[CNNVD]CUPS文件描述符泄露远程拒绝服务攻击漏洞(CNNVD-200212-066)

        
        Common Unix Printing System (CUPS)是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。
        CUPS在部分环境下会泄露文件描述符信息,远程攻击者可以利用这个漏洞进行对CUPS进行拒绝服务攻击。
        在返回多个文件和套接口操作时没有正确检查返回值,可导致文件描述符信息泄露,攻击者可以通过重用cupsd打印服务使用的文件描述符而触发拒绝服务。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:easy_software_products:cups:1.1.7
cpe:/a:easy_software_products:cups:1.1.4_2
cpe:/a:easy_software_products:cups:1.1.6
cpe:/a:easy_software_products:cups:1.1.4_3
cpe:/a:easy_software_products:cups:1.0.4
cpe:/a:easy_software_products:cups:1.1.4_5
cpe:/o:apple:mac_os_x:10.2Apple Mac OS X 10.2
cpe:/a:easy_software_products:cups:1.1.10
cpe:/a:easy_software_products:cups:1.1.13
cpe:/a:easy_software_products:cups:1.1.14
cpe:/a:easy_software_products:cups:1.1.4
cpe:/a:easy_software_products:cups:1.1.17
cpe:/a:easy_software_products:cups:1.1.1
cpe:/o:apple:mac_os_x:10.2.2Apple Mac OS X 10.2.2
cpe:/a:easy_software_products:cups:1.0.4_8

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1372
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1372
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200212-066
(官方数据源) CNNVD

- 其它链接及资源

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html
(UNKNOWN)  VULNWATCH  20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702
(UNKNOWN)  CONECTIVA  CLSA-2003:702
http://marc.info/?l=bugtraq&m=104032149026670&w=2
(UNKNOWN)  BUGTRAQ  20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)
http://www.debian.org/security/2003/dsa-232
(UNKNOWN)  DEBIAN  DSA-232
http://www.idefense.com/advisory/12.19.02.txt
(VENDOR_ADVISORY)  MISC  http://www.idefense.com/advisory/12.19.02.txt
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001
(UNKNOWN)  MANDRAKE  MDKSA-2003:001
http://www.novell.com/linux/security/advisories/2003_002_cups.html
(UNKNOWN)  SUSE  SuSE-SA:2003:002
http://www.redhat.com/support/errata/RHSA-2002-295.html
(UNKNOWN)  REDHAT  RHSA-2002:295
http://www.securityfocus.com/bid/6440
(UNKNOWN)  BID  6440
http://xforce.iss.net/xforce/xfdb/10912
(VENDOR_ADVISORY)  XF  cups-file-descriptor-dos(10912)

- 漏洞信息

CUPS文件描述符泄露远程拒绝服务攻击漏洞
中危 访问验证错误
2002-12-26 00:00:00 2006-01-18 00:00:00
远程  
        
        Common Unix Printing System (CUPS)是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。
        CUPS在部分环境下会泄露文件描述符信息,远程攻击者可以利用这个漏洞进行对CUPS进行拒绝服务攻击。
        在返回多个文件和套接口操作时没有正确检查返回值,可导致文件描述符信息泄露,攻击者可以通过重用cupsd打印服务使用的文件描述符而触发拒绝服务。
        

- 公告与补丁

        厂商补丁:
        Apple
        -----
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        Apple MacOS X 10.2.3和MacOS X Server 10.2.3不受此漏洞影响。
        升级程序:
        Apple MacOS X 10.2 (Jaguar):
        Apple Upgrade MacOSXUpdateCombo10.2.3.dmg
        
        http://www.info.apple.com/kbnum/n120164

        Apple MacOS X 10.2.2:
        Apple Upgrade MacOSXUpdate10.2.3.dmg
        
        http://www.info.apple.com/kbnum/n120165

        Easy Software Products
        ----------------------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        Easy Software Products Upgrade CUPS 1.1.18
        
        http://www.cups.org/software.html

- 漏洞信息

10744
CUPS File/Socket Return Value File Descriptor Consumption DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-12-19 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

CUPS File Descriptor Leakage Denial Of Service Vulnerability
Access Validation Error 6440
Yes No
2002-12-19 12:00:00 2009-07-11 07:17:00
Discovered by zen-parse.

- 受影响的程序版本

Easy Software Products CUPS 1.1.17
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
Easy Software Products CUPS 1.1.16
+ Mandriva Linux Mandrake 9.0
Easy Software Products CUPS 1.1.15
+ Conectiva Linux Enterprise Edition 1.0
+ S.u.S.E. Linux 8.1
Easy Software Products CUPS 1.1.14
+ Conectiva Linux 8.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
Easy Software Products CUPS 1.1.13
Easy Software Products CUPS 1.1.12
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
Easy Software Products CUPS 1.1.10
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
Easy Software Products CUPS 1.1.7
Easy Software Products CUPS 1.1.6
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
Easy Software Products CUPS 1.1.4 -5
Easy Software Products CUPS 1.1.4 -3
+ Mandriva Linux Mandrake 7.2
Easy Software Products CUPS 1.1.4 -2
+ Debian Linux 2.3
Easy Software Products CUPS 1.1.4
+ Debian Linux 2.3
+ Mandriva Linux Mandrake 7.2
Easy Software Products CUPS 1.1.1
+ RedHat PowerTools 7.0
Easy Software Products CUPS 1.0.4 -8
+ Debian Linux 2.2
Easy Software Products CUPS 1.0.4
+ Debian Linux 2.2
Apple Mac OS X 10.2.2
Apple Mac OS X 10.2
Easy Software Products CUPS 1.1.18
+ Conectiva Linux 9.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ S.u.S.E. Linux Personal 8.2
Apple Mac OS X 10.2.3

- 不受影响的程序版本

Easy Software Products CUPS 1.1.18
+ Conectiva Linux 9.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ S.u.S.E. Linux Personal 8.2
Apple Mac OS X 10.2.3

- 漏洞讨论

A vulnerability has been discovered in CUPS that may, under some circumstances, leak file descriptor information. By exploiting this vulnerability it may be possible for a remote attacker to reuse file descriptors used by the cupsd print service to cause a denial of service condition.

Exploitation of this issue may allow an attacker to bind a malicious server instead of the cupsd server.

- 漏洞利用

iDefense has developed a functional exploit, however it has not been released to the public.

- 解决方案

Conectiva has released advisory CLA-2003:702 to address this issue. Further information regarding obtaining and applying fixes can be found in the referenced advisory.

It is recommended that all Gentoo Linux users who are running
net-print/cups-1.1.17_pre20021025 or earlier update their systems as
follows:

emerge rsync
emerge cups
emerge clean

Debian has released a security advisory (DSA 232-1) containing fixes. Users are advised to upgrade as soon as possible.

** Debian has released an updated advisory (DSA 232-2) containing links to corrected fixes containing the proper dependencies for libPNG.

This vulnerability is eliminated in CUPS 1.1.18. Red Hat is currently developing fixes. Apple MacOS X 10.2.3 and MacOS X Server 10.2.3 are not vulnerable.


Easy Software Products CUPS 1.0.4 -8

Easy Software Products CUPS 1.0.4

Easy Software Products CUPS 1.1.1

Easy Software Products CUPS 1.1.10

Easy Software Products CUPS 1.1.12

Easy Software Products CUPS 1.1.13

Easy Software Products CUPS 1.1.14

Easy Software Products CUPS 1.1.15

Easy Software Products CUPS 1.1.16

Easy Software Products CUPS 1.1.17

Easy Software Products CUPS 1.1.4 -5

Easy Software Products CUPS 1.1.4 -2

Easy Software Products CUPS 1.1.4

Easy Software Products CUPS 1.1.4 -3

Easy Software Products CUPS 1.1.6

Easy Software Products CUPS 1.1.7

Apple Mac OS X 10.2

Apple Mac OS X 10.2.2

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站