Short Name: HTTP:APPLE-SGI-BOF
Severity: Major
Recommended: No
Recommended Action: Drop
Category: HTTP
Keywords: Apple CUPS SGI Image Format Decoding imagetops Filter Buffer Overflow
Release Date: 2011/07/26
Update Number: 1961
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
HTTP: Apple CUPS SGI Image Format Decoding imagetops Filter Buffer Overflow
This signature detects attempts to exploit a known heap-based buffer overflow in the Common Unix Printing System (CUPS), maintained by Apple and shipped by many Linux and Unix vendors. The flaw is a boundary error in the imagetops filter's SGI image decoder: the run-length-encoded pixel data is not checked against the row buffer that the filter sizes from the image header, so a crafted file can write past the end of that buffer. A remote attacker who can submit a print job containing such an image can exploit this to compromise the system. If code injection fails, the filter process terminates abnormally and the job is lost. If it succeeds, the behaviour of the target depends entirely on the injected code, which executes in the security context of the affected service, with the privileges of the printing user, normally lp.
Extended Description
CUPS is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied image data before copying it into heap buffers whose size is taken from the file's own header.
Remote attackers can exploit these issues to execute arbitrary code within the context of the affected filter process (normally the lp user). Failed exploit attempts will likely cause a denial-of-service condition in which the filter crashes and the print job fails. Local attackers may also exploit these vulnerabilities to elevate privileges to that user.
Successful remote exploits may require printer sharing to be enabled on the vulnerable system, that is, cupsd accepting jobs on a non-loopback address (by default 631/tcp); a server that only listens on localhost is exposed only to local users.
These issues affect versions prior to CUPS 1.3.9.
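The following C program is an added illustration of the boundary error described above; it is not CUPS source code and the function names, sample rows and sample header are constructed for this example. It models the SGI RLE8 row decoder in two forms: an unchecked walk that reports how far past the header-derived row width a crafted run would write (the pre-1.3.9 pattern, modelled without actually writing out of bounds), and a checked decoder that rejects any run longer than the space remaining in the row.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not the CUPS imagetops source. Models the SGI RLE8 row
 * decoder: the 512-byte big-endian SGI header supplies XSIZE, the filter
 * allocates an XSIZE-byte row buffer, then decodes run-length data whose
 * counts come from the untrusted file. */

#define SGI_MAGIC 474u

typedef struct {
  uint16_t magic;      /* must be 474 */
  uint8_t  storage;    /* 0 = verbatim, 1 = RLE */
  uint8_t  bpc;        /* bytes per channel: 1 or 2 */
  uint16_t dimension;
  uint16_t xsize, ysize, zsize;
} sgi_header_t;

static uint16_t be16(const unsigned char *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Parse the fixed-size SGI header; returns 0 on success, -1 if malformed. */
int sgi_parse_header(const unsigned char *buf, size_t len, sgi_header_t *h)
{
  if (len < 512) return -1;
  h->magic = be16(buf);
  if (h->magic != SGI_MAGIC) return -1;
  h->storage   = buf[2];
  h->bpc       = buf[3];
  h->dimension = be16(buf + 4);
  h->xsize     = be16(buf + 6);
  h->ysize     = be16(buf + 8);
  h->zsize     = be16(buf + 10);
  if (h->bpc != 1 && h->bpc != 2) return -1;
  if (h->xsize == 0 || h->ysize == 0 || h->zsize == 0) return -1;
  return 0;
}

/* Unchecked model of the vulnerable loop: trusts every run count. It writes
 * nothing; it returns how many bytes beyond xsize the loop WOULD write, i.e.
 * the size of the heap overrun a crafted row produces. */
long rle8_overrun(const unsigned char *in, size_t inlen, int xsize)
{
  size_t pos = 0;
  long written = 0;
  while (written < xsize) {
    if (pos >= inlen) break;
    int ch = in[pos++];
    int count = ch & 127;
    if (count == 0) break;          /* end-of-row marker */
    if (ch & 128) pos += count;     /* literal run: count bytes follow */
    else          pos += 1;         /* repeat run: one byte follows */
    written += count;               /* never compared against xsize */
  }
  return written > xsize ? written - xsize : 0;
}

/* Hardened decoder: a run may never exceed the space left in the row, and
 * the input must actually contain the bytes a run claims. */
int read_rle8_checked(const unsigned char *in, size_t inlen,
                      unsigned char *out, int xsize)
{
  size_t pos = 0;
  int written = 0;
  while (written < xsize) {
    if (pos >= inlen) return -1;
    int ch = in[pos++];
    int count = ch & 127;
    if (count == 0) break;
    if (count > xsize - written) return -1;   /* the missing bounds check */
    if (ch & 128) {
      if (inlen - pos < (size_t)count) return -1;
      memcpy(out + written, in + pos, (size_t)count);
      pos += (size_t)count;
    } else {
      if (pos >= inlen) return -1;
      memset(out + written, in[pos++], (size_t)count);
    }
    written += count;
  }
  return written;
}

/* Constructed sample data (not taken from any real file). */
/* Valid row for xsize 8: repeat 0x11 x4, literal aa bb cc, repeat 0x22 x1, end. */
static const unsigned char good_row[] = { 0x04, 0x11, 0x83, 0xaa, 0xbb, 0xcc, 0x01, 0x22, 0x00 };
/* Crafted row: one repeat run of 127 bytes aimed at an 8-byte row buffer. */
static const unsigned char bad_row[]  = { 0x7f, 0x41, 0x00 };

int decode_good_row(void)        { unsigned char row[8]; return read_rle8_checked(good_row, sizeof good_row, row, 8); }
int decode_bad_row_checked(void) { unsigned char row[8]; return read_rle8_checked(bad_row, sizeof bad_row, row, 8); }
long bad_row_overrun(void)       { return rle8_overrun(bad_row, sizeof bad_row, 8); }

/* Constructed 512-byte header: magic 474, RLE, 1 bpc, 3-D, 8 x 1 x 1. */
int sample_header_xsize(void)
{
  unsigned char hdr[512] = { 0x01, 0xda, 1, 1, 0x00, 0x03, 0x00, 0x08, 0x00, 0x01, 0x00, 0x01 };
  sgi_header_t h;
  if (sgi_parse_header(hdr, sizeof hdr, &h) != 0) return -1;
  return h.xsize;
}

int main(void)
{
  printf("header xsize: %d\n", sample_header_xsize());
  printf("valid row: %d pixels decoded\n", decode_good_row());
  printf("crafted row: checked decoder returns %d; unchecked model would overrun by %ld bytes\n",
         decode_bad_row_checked(), bad_row_overrun());
  return 0;
}
```

The single crafted byte 0x7f is enough: with an 8-pixel row the unchecked loop accepts a 127-byte run and overruns the heap buffer by 119 bytes, whereas the checked decoder refuses the row and the filter can fail the job cleanly. A 16-bit-per-channel image has the same shape of bug with two-byte units.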
Affected Products
- Avaya intuity_audix_lx 2.0
- Avaya message_networking 3.1
- Avaya message_networking MN 3.1
- Avaya message_networking
- Avaya messaging_storage_server 1.0
- Avaya messaging_storage_server 2.0
- Avaya messaging_storage_server 3.1
- Avaya messaging_storage_server 4.0
- Avaya messaging_storage_server MM3.0
- Avaya messaging_storage_server
- Avaya proactive_contact 3.0
- Avaya proactive_contact 4.0
- Avaya proactive_contact
- Avaya voice_portal 3.0
- Debian linux 4.0
- Debian linux 4.0 Alpha
- Debian linux 4.0 Amd64
- Debian linux 4.0 Arm
- Debian linux 4.0 Hppa
- Debian linux 4.0 Ia-32
- Debian linux 4.0 Ia-64
- Debian linux 4.0 M68k
- Debian linux 4.0 Mips
- Debian linux 4.0 Mipsel
- Debian linux 4.0 Powerpc
- Debian linux 4.0 S/390
- Debian linux 4.0 Sparc
- Easy_software_products cups 1.0.4
- Easy_software_products cups 1.0.4 -8
- Easy_software_products cups 1.1.1
- Easy_software_products cups 1.1.10
- Easy_software_products cups 1.1.12
- Easy_software_products cups 1.1.13
- Easy_software_products cups 1.1.14
- Easy_software_products cups 1.1.15
- Easy_software_products cups 1.1.16
- Easy_software_products cups 1.1.17
- Easy_software_products cups 1.1.18
- Easy_software_products cups 1.1.19
- Easy_software_products cups 1.1.19 Rc5
- Easy_software_products cups 1.1.20
- Easy_software_products cups 1.1.21
- Easy_software_products cups 1.1.22
- Easy_software_products cups 1.1.22 Rc1
- Easy_software_products cups 1.1.23
- Easy_software_products cups 1.1.23 Rc1
- Easy_software_products cups 1.1.4
- Easy_software_products cups 1.1.4 -2
- Easy_software_products cups 1.1.4 -3
- Easy_software_products cups 1.1.4 -5
- Easy_software_products cups 1.1.6
- Easy_software_products cups 1.1.7
- Easy_software_products cups 1.2.10
- Easy_software_products cups 1.2.12
- Easy_software_products cups 1.2.2
- Easy_software_products cups 1.2.4
- Easy_software_products cups 1.2.8
- Easy_software_products cups 1.2.9
- Easy_software_products cups 1.3.2
- Easy_software_products cups 1.3.3
- Easy_software_products cups 1.3.5
- Easy_software_products cups 1.3.6
- Easy_software_products cups 1.3.7
- Gentoo linux
- Mandriva corporate_server 3.0.0
- Mandriva corporate_server 3.0.0 X86 64
- Mandriva corporate_server 4.0
- Mandriva corporate_server 4.0.0 X86 64
- Mandriva linux_mandrake 2007.1
- Mandriva linux_mandrake 2007.1 X86 64
- Mandriva linux_mandrake 2008.0
- Mandriva linux_mandrake 2008.0 X86 64
- Mandriva linux_mandrake 2008.1
- Mandriva linux_mandrake 2008.1 X86 64
- Mandriva linux_mandrake 2009.0
- Mandriva linux_mandrake 2009.0 X86 64
- Pardus linux_2008
- Red_hat desktop 3.0.0
- Red_hat desktop 4.0.0
- Red_hat enterprise_linux 5 Server
- Red_hat enterprise_linux_as 3
- Red_hat enterprise_linux_as 4
- Red_hat enterprise_linux_desktop 5 Client
- Red_hat enterprise_linux_desktop_workstation 5 Client
- Red_hat enterprise_linux_es 3
- Red_hat enterprise_linux_es 4
- Red_hat enterprise_linux_ws 3
- Red_hat enterprise_linux_ws 4
- Red_hat fedora 8
- Red_hat fedora 9
- Rpath appliance_platform_linux_service 1
- Rpath appliance_platform_linux_service 2
- Rpath rpath_linux 1
- Rpath rpath_linux 2
- Slackware linux 12.1
- Sun opensolaris Build Snv 100
- Sun opensolaris Build Snv 101
- Sun opensolaris Build Snv 101A
- Sun opensolaris Build Snv 102
- Sun opensolaris Build Snv 87
- Sun opensolaris Build Snv 88
- Sun opensolaris Build Snv 89
- Sun opensolaris Build Snv 90
- Sun opensolaris Build Snv 91
- Sun opensolaris Build Snv 92
- Sun opensolaris Build Snv 93
- Sun opensolaris Build Snv 94
- Sun opensolaris Build Snv 95
- Sun opensolaris Build Snv 96
- Sun opensolaris Build Snv 99
- Suse novell_linux_desktop 9.0.0
- Suse novell_linux_pos 9
- Suse open-enterprise-server
- Suse opensuse 10.2
- Suse opensuse 10.3
- Suse opensuse 11.0
- Suse suse_linux_enterprise_desktop 10 SP1
- Suse suse_linux_enterprise_desktop 10 SP2
- Suse suse_linux_enterprise_server 10 SP1
- Suse suse_linux_enterprise_server 10 SP2
- Suse suse_linux_enterprise_server 8
- Suse suse_linux_enterprise_server 9
- Turbolinux appliance_server 1.0.0 Hosting Edition
- Turbolinux appliance_server 1.0.0 Workgroup Edition
- Turbolinux appliance_server 2.0
- Turbolinux appliance_server 3.0
- Turbolinux appliance_server 3.0 X64
- Turbolinux appliance_server_hosting_edition 1.0.0
- Turbolinux appliance_server_workgroup_edition 1.0.0
- Turbolinux client 2008
- Turbolinux fuji
- Turbolinux multimedia
- Turbolinux personal
- Turbolinux turbolinux_server 10.0.0
- Turbolinux turbolinux_server 10.0.0 X64
- Turbolinux turbolinux_server 11
- Turbolinux turbolinux_server 11 X64
- Turbolinux wizpy
- Ubuntu ubuntu_linux 6.06 LTS Amd64
- Ubuntu ubuntu_linux 6.06 LTS I386
- Ubuntu ubuntu_linux 6.06 LTS Powerpc
- Ubuntu ubuntu_linux 6.06 LTS Sparc
- Ubuntu ubuntu_linux 7.04 Amd64
- Ubuntu ubuntu_linux 7.04 I386
- Ubuntu ubuntu_linux 7.04 Powerpc
- Ubuntu ubuntu_linux 7.04 Sparc
- Ubuntu ubuntu_linux 7.10 Amd64
- Ubuntu ubuntu_linux 7.10 I386
- Ubuntu ubuntu_linux 7.10 Lpia
- Ubuntu ubuntu_linux 7.10 Powerpc
- Ubuntu ubuntu_linux 7.10 Sparc
- Ubuntu ubuntu_linux 8.04 LTS Amd64
- Ubuntu ubuntu_linux 8.04 LTS I386
- Ubuntu ubuntu_linux 8.04 LTS Lpia
- Ubuntu ubuntu_linux 8.04 LTS Powerpc
- Ubuntu ubuntu_linux 8.04 LTS Sparc