• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cups Internet Printing Protocol Job Loop Denial Of Service Vulnerability

Solution:
Turbolinux have released an advisory (TLSA-2003-63) to address this issue. Users who are potentially affected by this vulnerability are advised to apply relative fixes as soon as possible. Further information regarding obtaining and applying these fixes can be found in the referenced advisory.

Red Hat has made advisory RHSA-2003:275-01 and fixes available. See referenced advisory for additional details.

Mandrake has released an advisory (MDKSA-2003:104) that includes updates to address this issue. Please see the attached advisory for details on obtaining and applying fixes.

Conectiva has released advisory CLA-2003:779 with fixes to address this issue. See referenced advisory for additional details. Conectiva has also released an advisory for Conectiva Linux Enterprise Edition.

SCO has released advisory CSSA-2004-012.0 to address this issue.


Easy Software Products CUPS 1.1.10

• Conectiva cups-1.1.14-1U70_5cl.i386.rpm
  Update for Conectiva Linux 7.0.
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-1.1.14-1U70_5cl.i386 .rpm


• Conectiva cups-devel-1.1.14-1U70_5cl.i386.rpm
  Update for Conectiva Linux 7.0.
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-devel-1.1.14-1U70_5c l.i386.rpm


• Conectiva cups-devel-static-1.1.14-1U70_5cl.i386.rpm
  Update for Conectiva Linux 7.0.
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-devel-static-1.1.14- 1U70_5cl.i386.rpm


• Conectiva cups-doc-1.1.14-1U70_5cl.i386.rpm
  Update for Conectiva Linux 7.0.
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-doc-1.1.14-1U70_5cl. i386.rpm


• Conectiva cups-drivers-1.0-3U70_1cl.i386.rpm
  Update for Conectiva Linux 7.0.
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-drivers-1.0-3U70_1cl .i386.rpm


• Conectiva cups-libs-1.1.14-1U70_5cl.i386.rpm
  Update for Conectiva Linux 7.0.
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/cups-libs-1.1.14-1U70_5cl .i386.rpm


• SCO cups-1.1.20-1.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-012.0/R PMS/cups-1.1.20-1.i386.rpm


• SCO cups-1.1.20-1.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-01 2.0/RPMS/cups-1.1.20-1.i386.rpm


• SCO cups-devel-1.1.20-1.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-012.0/R PMS/cups-devel-1.1.20-1.i386.rpm


• SCO cups-devel-1.1.20-1.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-01 2.0/RPMS/cups-devel-1.1.20-1.i386.rpm


• SCO cups-libs-1.1.20-1.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-012.0/R PMS/cups-libs-1.1.20-1.i386.rpm


• SCO cups-libs-1.1.20-1.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-01 2.0/RPMS/cups-libs-1.1.20-1.i386.rpm

Easy Software Products CUPS 1.1.14

• Conectiva cups-1.1.14-2U80_5cl.i386.rpm
  Update for Conectiva Linux 8.0.
  ftp://atualizacoes.conectiva.com.br/8/RPMS/cups-1.1.14-2U80_5cl.i386.r pm


• Conectiva cups-devel-1.1.14-2U80_5cl.i386.rpm
  Update for Conectiva Linux 8.0.
  ftp://atualizacoes.conectiva.com.br/8/RPMS/cups-devel-1.1.14-2U80_5cl. i386.rpm


• Conectiva cups-devel-static-1.1.14-2U80_5cl.i386.rpm
  Update for Conectiva Linux 8.0.
  ftp://atualizacoes.conectiva.com.br/8/RPMS/cups-devel-static-1.1.14-2U 80_5cl.i386.rpm


• Conectiva cups-doc-1.1.14-2U80_5cl.i386.rpm
  Update for Conectiva Linux 8.0.
  ftp://atualizacoes.conectiva.com.br/8/RPMS/cups-doc-1.1.14-2U80_5cl.i3 86.rpm


• Conectiva cups-libs-1.1.14-2U80_5cl.i386.rpm
  Update for Conectiva Linux 8.0.
  ftp://atualizacoes.conectiva.com.br/8/RPMS/cups-libs-1.1.14-2U80_5cl.i 386.rpm

Easy Software Products CUPS 1.1.15

• Conectiva cups-1.1.15-132.i586.rpm
  ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/cups-1.1.15-132.i586.r pm


• Conectiva cups-client-1.1.15-132.i586.rpm
  ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/cups-client-1.1.15-132 .i586.rpm


• Conectiva cups-devel-1.1.15-132.i586.rpm
  ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/cups-devel-1.1.15-132. i586.rpm


• Conectiva cups-libs-1.1.15-132.i586.rpm
  ftp://ul.conectiva.com.br/updates/1.0/RPMS.core/cups-libs-1.1.15-132.i 586.rpm

Easy Software Products CUPS 1.1.18

• Conectiva cups-1.1.18-29091U90_2cl.i386.rpm
  Update for Conectiva Linux 9.0.
  ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-1.1.18-29091U90_2cl.i3 86.rpm


• Conectiva cups-devel-1.1.18-29091U90_2cl.i386.rpm
  Update for Conectiva Linux 9.0.
  ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-devel-1.1.18-29091U90_ 2cl.i386.rpm


• Conectiva cups-devel-static-1.1.18-29091U90_2cl.i386.rpm
  Update for Conectiva Linux 9.0.
  ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-devel-static-1.1.18-29 091U90_2cl.i386.rpm


• Conectiva cups-doc-1.1.18-29091U90_2cl.i386.rpm
  Update for Conectiva Linux 9.0.
  ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-doc-1.1.18-29091U90_2c l.i386.rpm


• Conectiva cups-libs-1.1.18-29091U90_2cl.i386.rpm
  Update for Conectiva Linux 9.0.
  ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-libs-1.1.18-29091U90_2 cl.i386.rpm


• Mandrake cups-1.1.18-2.2.90mdk.i586.rpm
  Mandrake Linux 9.0.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake cups-1.1.18-2.2.C21mdk.i586.rpm
  Mandrake Corporate Server 2.1.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake cups-1.1.18-2.2.C21mdk.x86_64.rpm
  Mandrake Corporate Server 2.1/x86_64.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake cups-common-1.1.18-2.2.90mdk.i586.rpm
  Mandrake Linux 9.0.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake cups-common-1.1.18-2.2.C21mdk.i586.rpm
  Mandrake Corporate Server 2.1.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake cups-common-1.1.18-2.2.C21mdk.x86_64.rpm
  Mandrake Corporate Server 2.1/x86_64.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake cups-serial-1.1.18-2.2.90mdk.i586.rpm
  Mandrake Linux 9.0.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake cups-serial-1.1.18-2.2.C21mdk.i586.rpm
  Mandrake Corporate Server 2.1.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake cups-serial-1.1.18-2.2.C21mdk.x86_64.rpm
  Mandrake Corporate Server 2.1/x86_64.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libcups1-1.1.18-2.2.90mdk.i586.rpm
  Mandrake Linux 9.0.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libcups1-1.1.18-2.2.C21mdk.i586.rpm
  Mandrake Corporate Server 2.1.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libcups1-1.1.18-2.2.C21mdk.x86_64.rpm
  Mandrake Corporate Server 2.1/x86_64.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libcups1-devel-1.1.18-2.2.90mdk.i586.rpm
  Mandrake Linux 9.0.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libcups1-devel-1.1.18-2.2.C21mdk.i586.rpm
  Mandrake Corporate Server 2.1.
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libcups1-devel-1.1.18-2.2.C21mdk.x86_64.rpm
  Mandrake Corporate Server 2.1/x86_64.
  http://www.mandrakesecure.net/en/ftp.php

Apple Mac OS X 10.2.8

• Apple SecUpd2004-04-05Jag.dmg
  http://apple.speedera.net/download.info.apple.com/Apple_Support/SecUpd 2004-04-05Jag.dmg

Apple Mac OS X Server 10.2.8

• Apple SecUpd2004-04-05Jag.dmg
  http://apple.speedera.net/download.info.apple.com/Apple_Support/SecUpd 2004-04-05Jag.dmg

Apple Mac OS X Server 10.3

• Apple SecUpd2004-04-05Jag.dmg
  http://apple.speedera.net/download.info.apple.com/Apple_Support/SecUpd 2004-04-05Jag.dmg

Apple Mac OS X 10.3

• Apple SecUpd2004-04-05Jag.dmg
  http://apple.speedera.net/download.info.apple.com/Apple_Support/SecUpd 2004-04-05Jag.dmg

Apple Mac OS X Server 10.3.1

• Apple SecUpd2004-04-05Jag.dmg
  http://apple.speedera.net/download.info.apple.com/Apple_Support/SecUpd 2004-04-05Jag.dmg

Apple Mac OS X 10.3.1

• Apple SecUpd2004-04-05Jag.dmg
  http://apple.speedera.net/download.info.apple.com/Apple_Support/SecUpd 2004-04-05Jag.dmg

Apple Mac OS X 10.3.2

• Apple SecUpd2004-04-05Jag.dmg
  http://apple.speedera.net/download.info.apple.com/Apple_Support/SecUpd 2004-04-05Jag.dmg

Apple Mac OS X Server 10.3.2

• Apple SecUpd2004-04-05Jag.dmg
  http://apple.speedera.net/download.info.apple.com/Apple_Support/SecUpd 2004-04-05Jag.dmg

Apple Mac OS X Server 10.3.3

• Apple SecUpd2004-04-05Jag.dmg
  http://apple.speedera.net/download.info.apple.com/Apple_Support/SecUpd 2004-04-05Jag.dmg


• Apple SecUpd2004-04-05Pan.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=03993&plat form=osx&method=sa/SecUpd2004-04-05Pan.dmg

Apple Mac OS X 10.3.3

• Apple SecUpd2004-04-05Jag.dmg
  http://apple.speedera.net/download.info.apple.com/Apple_Support/SecUpd 2004-04-05Jag.dmg


• Apple SecUpd2004-04-05Pan.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=03993&plat form=osx&method=sa/SecUpd2004-04-05Pan.dmg

Turbolinux Turbolinux Workstation 8.0

• TurboLinux cups-1.1.19-11.i586.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/cups-1.1.19-11.i586.rpm


• TurboLinux cups-devel-1.1.19-11.i586.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/cups-devel-1.1.19-11.i586.rpm


• TurboLinux cups-libs-1.1.19-11.i586.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/cups-libs-1.1.19-11.i586.rpm

Turbolinux Turbolinux Server 8.0

• TurboLinux cups-1.1.19-11.i586.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/cups-1.1.19-11.i586.rpm


• TurboLinux cups-devel-1.1.19-11.i586.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/cups-devel-1.1.19-11.i586.rpm


• TurboLinux cups-libs-1.1.19-11.i586.rpm
  ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/cups-libs-1.1.19-11.i586.rpm