Login   |   Secure Purdue > News

New Buffer Overflow Vulnerability in CUPS CGI

CUPS (Common UNIX Printing System), which provides a standard printer interface for various Unix based operating systems, has a new vulnerability.  An unspecified error within the CUPS CGI backend, if exploited by an attacker, could cause a heap-based buffer overflow by sending a specially crafted IPP request.

The ability to execute arbitrary code is possible if exploitation is successful, but it does require the vulnerable system to be sharing printers on the network.  If printer sharing is disabled, exploitation of this vulnerability is limited to malicious local users.

This vulnerability was reported in version 1.3.5, although other versions may also be affected. 

Currently, this vulnerability is unpatched.  The best solution is to restrict access to trusted users only and to disable printer sharing.

REFERENCES:

Secunia Advisory SA29431:

http://secunia.com/advisories/29431/

iDefense Labs:

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=674

Posted by Kitch Spicer on March 20, 2008, in Handlers Log.