Signature Detail

APP: Multiple Vendor CUPS GIF Decoding Routine Buffer Overflow

This signature detects attempts to exploit a known vulnerability against multiple vendor CUPS GIF Decoders. A successful attack can result in a denial-of-service condition.

Extended Description

CUPS is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied GIF image data before copying it to an insufficiently sized buffer. Successful exploits allow attackers to execute arbitrary code with the privileges of a user running the utilities. Failed exploit attempts likely cause denial-of-service conditions. CUPS 1.3.6 is vulnerable; other versions may also be affected.

Affected Products

• Debian Linux 4.0
• Debian Linux 4.0 Alpha
• Debian Linux 4.0 Amd64
• Debian Linux 4.0 Arm
• Debian Linux 4.0 Hppa
• Debian Linux 4.0 Ia-32
• Debian Linux 4.0 Ia-64
• Debian Linux 4.0 M68k
• Debian Linux 4.0 Mips
• Debian Linux 4.0 Mipsel
• Debian Linux 4.0 Powerpc
• Debian Linux 4.0 S/390
• Debian Linux 4.0 Sparc
• Easy Software Products CUPS 1.3.6
• Gentoo net-print/cups 1.2.12-R6
• Mandriva Corporate Server 3.0.0
• Mandriva Corporate Server 3.0.0 X86 64
• Mandriva Corporate Server 4.0
• Mandriva Corporate Server 4.0.0 X86 64
• Mandriva Linux Mandrake 2007.0
• Mandriva Linux Mandrake 2007.0 X86 64
• Mandriva Linux Mandrake 2007.1
• Mandriva Linux Mandrake 2007.1 X86 64
• Mandriva Linux Mandrake 2008.0
• Mandriva Linux Mandrake 2008.0 X86 64
• Red Hat Desktop 3.0.0
• Red Hat Desktop 4.0.0
• Red Hat Enterprise Linux 5 Server
• Red Hat Enterprise Linux AS 3
• Red Hat Enterprise Linux AS 4
• Red Hat Enterprise Linux Desktop 5 Client
• Red Hat Enterprise Linux Desktop Workstation 5 Client
• Red Hat Enterprise Linux ES 3
• Red Hat Enterprise Linux ES 4
• Red Hat Enterprise Linux WS 3
• Red Hat Enterprise Linux WS 4
• Red Hat Fedora 7
• Red Hat Fedora 8
• rPath rPath Linux 1
• Slackware Linux 12.0
• SuSE Linux 10.1 Ppc
• SuSE Linux 10.1 X86
• SuSE Linux 10.1 X86-64
• SuSE Novell Linux Desktop 9.0.0
• SuSE Novell Linux POS 9
• SuSE Open-Enterprise-Server
• SuSE openSUSE 10.2
• SuSE openSUSE 10.3
• SuSE SUSE Linux Enterprise Desktop 10 SP1
• SuSE SUSE Linux Enterprise Server 10 SP1
• SuSE SUSE Linux Enterprise Server 9
• Turbolinux Appliance Server 1.0.0 Hosting Edition
• Turbolinux Appliance Server 1.0.0 Workgroup Edition
• Turbolinux Appliance Server 2.0
• Turbolinux Appliance Server 3.0
• Turbolinux Appliance Server 3.0 X64
• Turbolinux Appliance Server Hosting Edition 1.0.0
• Turbolinux Appliance Server Workgroup Edition 1.0.0
• Turbolinux FUJI
• Turbolinux Multimedia
• Turbolinux Personal
• Turbolinux Turbolinux Server 10.0.0
• Turbolinux Turbolinux Server 10.0.0 X64
• Turbolinux Turbolinux Server 11
• Turbolinux Turbolinux Server 11 X64
• Ubuntu Ubuntu Linux 6.06 LTS Amd64
• Ubuntu Ubuntu Linux 6.06 LTS I386
• Ubuntu Ubuntu Linux 6.06 LTS Powerpc
• Ubuntu Ubuntu Linux 6.06 LTS Sparc
• Ubuntu Ubuntu Linux 6.10 Amd64
• Ubuntu Ubuntu Linux 6.10 I386
• Ubuntu Ubuntu Linux 6.10 Powerpc
• Ubuntu Ubuntu Linux 6.10 Sparc
• Ubuntu Ubuntu Linux 7.04 Amd64
• Ubuntu Ubuntu Linux 7.04 I386
• Ubuntu Ubuntu Linux 7.04 Powerpc
• Ubuntu Ubuntu Linux 7.04 Sparc
• Ubuntu Ubuntu Linux 7.10 Amd64
• Ubuntu Ubuntu Linux 7.10 I386
• Ubuntu Ubuntu Linux 7.10 Powerpc
• Ubuntu Ubuntu Linux 7.10 Sparc

References

• BugTraq: 28544
• CVE: CVE-2008-1373