Source: cups
Severity: important
Version: 1.3.7-1
Tags: security

Hi,
An exploit[0][1] has been published for CUPS.

> The daemon crashes when more than 100 RSS Subscriptions are added which has
> been successfully tested on the latest versions of openSuse and Ubuntu
> Desktop at time of writing (11.0 and 8.04.1 respectively). For some reason,
> the user doesn’t need to login to add RSS subscriptions, although
> authentication is required to perform other actions. I’m not sure if this
> bug can lead to remote code execution. Further investigation/gdbing is
> required.

Note: when reproducing it locally in a default Debian setup, I was required to log in before the RSS subscriptions could be added and then crash cupsd.

If you fix the vulnerability, please also make sure to include the CVE id, when one is assigned, in the changelog entry.

[0] http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/
[1] http://www.milw0rm.com/exploits/7151

Cheers,
-- 
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net