Debians sikkerhedsbulletin

DSA-232-1 cupsys -- flere sårbarheder

Rapporteret den:
20. jan 2003
Berørte pakker:
cupsys
Sårbar:
Ja
Referencer i sikkerhedsdatabaser:
I Bugtraq-databasen (hos SecurityFocus): BugTraq-id 6475, BugTraq-id 6440, BugTraq-id 6439, BugTraq-id 6438, BugTraq-id 6437, BugTraq-id 6436, BugTraq-id 6435.
I Mitres CVE-ordbog: CVE-2002-1366, CVE-2002-1367, CVE-2002-1368, CVE-2002-1369, CVE-2002-1371, CVE-2002-1372, CVE-2002-1383, CVE-2002-1384.
Yderligere oplysninger:

Flere sårbarheder er fundet i Common Unix Printing System (CUPS). Flere af disse problemer kan potentielt udnyttes af en fjernbruger eller ved et overbelastningsangreb (denial of service). Projektet Common Vulnerabilities and Exposures har fundet frem til følgende problemer:

  • CAN-2002-1383: Flere heltalsoverløb gør det muligt for en fjernangriber at udføre vilkårlig kode via CUPSd HTTP-grænsefladen og billedhåndteringskoden i CUPS-filtrene.
  • CAN-2002-1366: "Race conditions" i forbindelse med /etc/cups/certs/ gør det muligt for lokale brugere med lp-rettigheder, at oprette eller overskrive vilkårlige filer. Dette problem findes ikke i potato-udgaven.
  • CAN-2002-1367: Denne sårbarhed gør det muligt for en fjernangriber, at tilføje printere uden autentifikation via en bestemt UDP-pakke, hvilket dermed kan udnyttes til at udføre uautoriserede aktiviteter såsom at stæjle det lokale root-certifikat til administrationsserveren via en "kræver autorisation"-side.
  • CAN-2002-1368: Negative længde overført til memcpy() kan forårsage et overbelastningsangreb og måske også udførelse af vilkårlig kode.
  • CAN-2002-1369: Et usikkert strncat()-funktionskald til behandling af indstillingsstrengen, giver en fjernangriber mulighed for at udføre vilkårlig kode via et bufferoverløb.
  • CAN-2002-1371: Billeder med en bredde på nul, gør det muligt for en fjernangriber at udføre vilkårlig kode via tilpassede chunk-headere.
  • CAN-2002-1372: CUPS kontrollerer ikke på korrekt vis, returværdierne fra forskellige fil- og socket-handlinger, hvilket kan give en fjernangriber mulighed for at forårsage et overbelastningsangreb.
  • CAN-2002-1384: Pakken cupsys indeholder noget kode fra pakken xpdf, der anvendes til at konvertere PDF-filer til udskrift, hvilket indeholder en heltalsoverløbsfejl, der kan udnyttes. Dette problem findes ikke i potato-udgaven.

Selvom vi har gjort os stor umage med, også at rette alle disse problemer i pakkerne til potato, kan pakkerne stadig indeholder andre sikkerhedsrelaterede problemer. Derfor opfordrer vi brugere af potato-systemer hvor CUPS anvendes, til snart at opgradere til woody.

I den aktuelle stabile distribution (woody) er disse problemer rettet i version 1.1.14-4.3.

I den gamle stabile distribution (potato) er disse problemer rettet i version 1.0.4-12.1.

I den ustabile distribution (sid) er disse problemer rettet i version 1.1.18-1.

Vi anbefaler at du omgående opgraderer dine CUPS-pakker.

Rettet i:

Debian GNU/Linux 2.2 (potato)

Kildekode:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.1.dsc
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.1.diff.gz
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4.orig.tar.gz
Alpha:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.1_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.1_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.1_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.1_alpha.deb
ARM:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.1_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.1_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.1_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.1_arm.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.1_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.1_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.1_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.1_i386.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.1_m68k.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.1_m68k.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.1_m68k.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.1_m68k.deb
PowerPC:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.1_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.1_powerpc.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.1_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.1_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.1_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.1_sparc.deb

Debian GNU/Linux 3.0 (woody)

Kildekode:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4.dsc
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4.diff.gz
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14.orig.tar.gz
Alpha:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_alpha.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_alpha.deb
ARM:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_arm.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_arm.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_i386.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_ia64.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_ia64.deb
HPPA:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_hppa.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_hppa.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_m68k.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_m68k.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_m68k.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_m68k.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_m68k.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_m68k.deb
Big endian MIPS:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_mips.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_mips.deb
Little endian MIPS:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_mipsel.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_powerpc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_s390.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-4.4_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-4.4_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-4.4_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-4.4_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-4.4_sparc.deb
http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-4.4_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.

MD5-kontrolsummer for de listede filer findes i den reviderede sikkerhedsbulletin.