Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:CUPS-IPP-RCE

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 Apple CUPS IPP Use-after-free Memory Corruption

Release Date

 2013/01/08

Update Number

 2223

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Apple CUPS IPP Use-after-free Memory Corruption


This signature detects attempts to exploit a known vulnerability against implementation of Internet Printing Protocol (IPP) of the Common Unix Printing System (CUPS). A successful attack can lead to arbitrary code execution.

Extended Description

CUPS server is prone to a remote memory-corruption vulnerability because it fails to properly parse Internet Printing Protocol (IPP) packets. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed attacks may cause a denial-of-service condition. CUPS versions prior to 1.3.7-18 are vulnerable.

Affected Products

  • Apple Mac OS X 10.5
  • Apple Mac OS X 10.5.0
  • Apple Mac OS X 10.5.1
  • Apple Mac OS X 10.5.2
  • Apple Mac OS X 10.5.3
  • Apple Mac OS X 10.5.4
  • Apple Mac OS X 10.5.5
  • Apple Mac OS X 10.5.6
  • Apple Mac OS X 10.5.7
  • Apple Mac OS X 10.5.8
  • Apple Mac OS X 10.6
  • Apple Mac OS X 10.6.1
  • Apple Mac OS X 10.6.2
  • Apple Mac OS X 10.6.3
  • Apple Mac OS X 10.6.4
  • Apple Mac OS X Server 10.5
  • Apple Mac OS X Server 10.5.0
  • Apple Mac OS X Server 10.5.1
  • Apple Mac OS X Server 10.5.2
  • Apple Mac OS X Server 10.5.3
  • Apple Mac OS X Server 10.5.4
  • Apple Mac OS X Server 10.5.5
  • Apple Mac OS X Server 10.5.6
  • Apple Mac OS X Server 10.5.7
  • Apple Mac OS X Server 10.5.8
  • Apple Mac OS X Server 10.6
  • Apple Mac OS X Server 10.6.1
  • Apple Mac OS X Server 10.6.2
  • Apple Mac OS X Server 10.6.3
  • Apple Mac OS X Server 10.6.4
  • Avaya Aura Presence Services 6.0
  • Avaya Aura Session Manager 1.1
  • Avaya Aura Session Manager 5.2
  • Avaya Aura Session Manager 6.0
  • Avaya Aura Session Manager 6.0 SP1
  • Avaya Aura System Manager 5.2
  • Avaya Aura System Manager 6.0
  • Avaya Aura System Manager 6.0 SP1
  • Avaya Aura System Platform 1.1
  • Avaya Aura System Platform 6.0
  • Avaya Communication Server 1000E 7.0
  • Avaya Communication Server 1000E 7.5
  • Avaya Communication Server 1000E Signaling Server 7.0
  • Avaya Communication Server 1000E Signaling Server 7.5
  • Avaya Communication Server 1000M 7.0
  • Avaya Communication Server 1000M 7.5
  • Avaya Communication Server 1000M Signaling Server 7.0
  • Avaya Communication Server 1000M Signaling Server 7.5
  • Avaya IQ 5
  • Avaya IQ 5.1
  • Debian Linux 5.0
  • Debian Linux 5.0 Alpha
  • Debian Linux 5.0 Amd64
  • Debian Linux 5.0 Arm
  • Debian Linux 5.0 Armel
  • Debian Linux 5.0 Hppa
  • Debian Linux 5.0 Ia-32
  • Debian Linux 5.0 Ia-64
  • Debian Linux 5.0 M68k
  • Debian Linux 5.0 Mips
  • Debian Linux 5.0 Mipsel
  • Debian Linux 5.0 Powerpc
  • Debian Linux 5.0 S/390
  • Debian Linux 5.0 Sparc
  • Easy Software Products CUPS 1.0.4
  • Easy Software Products CUPS 1.0.4 -8
  • Easy Software Products CUPS 1.1.1
  • Easy Software Products CUPS 1.1.10
  • Easy Software Products CUPS 1.1.12
  • Easy Software Products CUPS 1.1.13
  • Easy Software Products CUPS 1.1.14
  • Easy Software Products CUPS 1.1.15
  • Easy Software Products CUPS 1.1.16
  • Easy Software Products CUPS 1.1.17
  • Easy Software Products CUPS 1.1.18
  • Easy Software Products CUPS 1.1.19
  • Easy Software Products CUPS 1.1.19 Rc5
  • Easy Software Products CUPS 1.1.20
  • Easy Software Products CUPS 1.1.21
  • Easy Software Products CUPS 1.1.22
  • Easy Software Products CUPS 1.1.22 Rc1
  • Easy Software Products CUPS 1.1.23
  • Easy Software Products CUPS 1.1.23 Rc1
  • Easy Software Products CUPS 1.1.4
  • Easy Software Products CUPS 1.1.4 -2
  • Easy Software Products CUPS 1.1.4 -3
  • Easy Software Products CUPS 1.1.4 -5
  • Easy Software Products CUPS 1.1.6
  • Easy Software Products CUPS 1.1.7
  • Easy Software Products CUPS 1.2.10
  • Easy Software Products CUPS 1.2.12
  • Easy Software Products CUPS 1.2.2
  • Easy Software Products CUPS 1.2.4
  • Easy Software Products CUPS 1.2.8
  • Easy Software Products CUPS 1.2.9
  • Easy Software Products CUPS 1.3.10
  • Easy Software Products CUPS 1.3.2
  • Easy Software Products CUPS 1.3.3
  • Easy Software Products CUPS 1.3.5
  • Easy Software Products CUPS 1.3.6
  • Easy Software Products CUPS 1.3.7
  • Easy Software Products CUPS 1.3.7-17
  • Gentoo Linux
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Enterprise Server 5
  • Mandriva Enterprise Server 5 X86 64
  • Mandriva Linux Mandrake 2009.0
  • Mandriva Linux Mandrake 2009.0 X86 64
  • Mandriva Linux Mandrake 2010.0
  • Mandriva Linux Mandrake 2010.0 X86 64
  • Mandriva Linux Mandrake 2010.1
  • Mandriva Linux Mandrake 2010.1 X86 64
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Fedora 12
  • Red Hat Fedora 13
  • Red Hat Fedora 14
  • Slackware Linux 12.0
  • Slackware Linux 12.1
  • Slackware Linux 12.2
  • Slackware Linux 13.0
  • Slackware Linux 13.0 X86 64
  • Slackware Linux 13.1
  • Slackware Linux 13.1 X86 64
  • Slackware Linux -Current
  • Slackware Linux X86 64 -Current
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • Sun Solaris 11 Express
  • SuSE openSUSE 11.1
  • SuSE openSUSE 11.2
  • SuSE openSUSE 11.3
  • SuSE SUSE Linux Enterprise 10 SP3
  • SuSE SUSE Linux Enterprise 11
  • SuSE SUSE Linux Enterprise 11 SP1
  • SuSE SUSE Linux Enterprise Server 9
  • Ubuntu Ubuntu Linux 10.04 Amd64
  • Ubuntu Ubuntu Linux 10.04 ARM
  • Ubuntu Ubuntu Linux 10.04 I386
  • Ubuntu Ubuntu Linux 10.04 Powerpc
  • Ubuntu Ubuntu Linux 10.04 Sparc
  • Ubuntu Ubuntu Linux 10.10 amd64
  • Ubuntu Ubuntu Linux 10.10 ARM
  • Ubuntu Ubuntu Linux 10.10 i386
  • Ubuntu Ubuntu Linux 10.10 powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 9.10 Amd64
  • Ubuntu Ubuntu Linux 9.10 ARM
  • Ubuntu Ubuntu Linux 9.10 I386
  • Ubuntu Ubuntu Linux 9.10 Lpia
  • Ubuntu Ubuntu Linux 9.10 Powerpc
  • Ubuntu Ubuntu Linux 9.10 Sparc

References

  • BugTraq: 44530
  • CVE: CVE-2010-2941

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out