CUPS USB backend Local Heap Based Buffer Overflow Vulnerability

Bugtraq ID: 36350
Class: Boundary Condition Error
CVE: CVE-2009-2807
Remote: No
Local: Yes
Published: Sep 10 2009 12:00AM
Updated: Sep 14 2009 07:41PM
Credit: Reported in Apple Security Update 2009-005
Vulnerable: Easy Software Products CUPS 1.3.10
Easy Software Products CUPS 1.3.9
Easy Software Products CUPS 1.3.8
Easy Software Products CUPS 1.3.7
Easy Software Products CUPS 1.3.6
Easy Software Products CUPS 1.3.5
Easy Software Products CUPS 1.3.3
Easy Software Products CUPS 1.3.2
Easy Software Products CUPS 1.2.12
Easy Software Products CUPS 1.2.10
Easy Software Products CUPS 1.2.9
Easy Software Products CUPS 1.2.8
Easy Software Products CUPS 1.2.4
Easy Software Products CUPS 1.2.2
Easy Software Products CUPS 1.1.23 rc1
+ Gentoo Linux
Easy Software Products CUPS 1.1.23
+ Gentoo Linux
Easy Software Products CUPS 1.1.22 rc1
Easy Software Products CUPS 1.1.22
Easy Software Products CUPS 1.1.21
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
Easy Software Products CUPS 1.1.20
+ ALT Linux ALT Linux Compact 2.3
+ ALT Linux ALT Linux Junior 2.3
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ MandrakeSoft apcupsd 2006.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux Personal 9.1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Easy Software Products CUPS 1.1.19 rc5
Easy Software Products CUPS 1.1.19
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Turbolinux Appliance Server 1.0 Workgroup Edition
+ Turbolinux Appliance Server 1.0 Hosting Edition
+ Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Home
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Workstation 8.0
Easy Software Products CUPS 1.1.18
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ S.u.S.E. Linux Personal 8.2
Easy Software Products CUPS 1.1.17
+ Redhat Desktop 3.0
+ Redhat Enterprise Linux AS 3
+ Redhat Enterprise Linux ES 3
+ Redhat Enterprise Linux WS 3
Easy Software Products CUPS 1.1.16
+ Mandriva Linux Mandrake 9.0
Easy Software Products CUPS 1.1.15
+ Conectiva Linux Enterprise Edition 1.0
+ SuSE Linux 8.1
Easy Software Products CUPS 1.1.14
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
Easy Software Products CUPS 1.1.13
Easy Software Products CUPS 1.1.12
+ SuSE Linux 8.0 i386
+ SuSE Linux 8.0
Easy Software Products CUPS 1.1.10
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ SuSE Linux 7.3 sparc
+ SuSE Linux 7.3 ppc
+ SuSE Linux 7.3 i386
Easy Software Products CUPS 1.1.7
Easy Software Products CUPS 1.1.6
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ SuSE Linux 7.2 i386
+ SuSE Linux 7.1 x86
+ SuSE Linux 7.1 sparc
+ SuSE Linux 7.1 ppc
+ SuSE Linux 7.1 alpha
Easy Software Products CUPS 1.1.4 -5
Easy Software Products CUPS 1.1.4 -3
+ Mandriva Linux Mandrake 7.2
Easy Software Products CUPS 1.1.4 -2
+ Debian Linux 2.3
Easy Software Products CUPS 1.1.4
+ Debian Linux 2.3
+ Mandriva Linux Mandrake 7.2
Easy Software Products CUPS 1.1.1
+ Redhat PowerTools 7.0
Easy Software Products CUPS 1.0.4 -8
+ Debian Linux 2.2
Easy Software Products CUPS 1.0.4
+ Debian Linux 2.2
DrPhibez and Nitro187 Guild FTPD 1.1.19 rc5
Apple Mac OS X Server 10.5.8
Apple Mac OS X Server 10.5.7
Apple Mac OS X Server 10.5.6
Apple Mac OS X Server 10.5.5
Apple Mac OS X Server 10.5.4
Apple Mac OS X Server 10.5.3
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.5
Apple Mac OS X 10.5.8
Apple Mac OS X 10.5.7
Apple Mac OS X 10.5.6
Apple Mac OS X 10.5.5
Apple Mac OS X 10.5.4
Apple Mac OS X 10.5.3
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.1
Apple Mac OS X 10.5
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus