CUPS Cupsd Request Method Remote Denial of Service Vulnerability
Release date: 2003-06-06
Last updated: 2003-06-12
Affected systems:
Easy Software Products CUPS 1.1.7
Unaffected systems:
Easy Software Products CUPS 1.1.6
Easy Software Products CUPS 1.1.18
Easy Software Products CUPS 1.1.17
Easy Software Products CUPS 1.1.14
Easy Software Products CUPS 1.1.13
Easy Software Products CUPS 1.1.10
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.1
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- Mandrake Linux 8.1
- RedHat Linux 8.0
- RedHat Linux 7.3
- SuSE Linux 7.3
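Easy Software Products CUPS 1.1.19 rc5
Description:
BUGTRAQ ID: 7637
The Common Unix Printing System (CUPS) is a general-purpose Unix printing system and a cross-platform printing solution for Unix environments. It is based on the Internet Printing Protocol and provides service for most PostScript and raster printers.
cupsd does not adequately enforce timeouts on malicious HTTP requests. A remote attacker can exploit this vulnerability to carry out a denial-of-service attack against the cupsd service.
The IPP (Internet Printing Protocol) implementation in CUPS is vulnerable. The implementation is single-threaded, meaning it can service only one request at a time, and it places no timeout on requests. An attacker who submits a request that never times out can cause the server to stop servicing other requests, resulting in a denial of service. To exploit this vulnerability, the attacker must be able to connect to the IPP port (631 by default).
<*Source: Phil D'Amore
Links: https://www.redhat.com/support/errata/RHSA-2003-171.html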
http://www.linux-mandrake.com/en/security/2003/2003-062.php
*>
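The failure mode described above is a single-threaded server waiting indefinitely on one incomplete request. As an added example (not CUPS source code and not any vendor's patch), the C helper below bounds the total time spent reading one request's headers; the function name, return codes and buffer limit are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <poll.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

enum { REQ_OK = 0, REQ_TIMEOUT = -1, REQ_CLOSED = -2, REQ_TOO_BIG = -3 };

/* Monotonic clock in milliseconds, unaffected by wall-clock changes. */
static long now_ms(void) {
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (long)ts.tv_sec * 1000L + ts.tv_nsec / 1000000L;
}

/* Hypothetical helper: read until the blank line that ends the HTTP headers,
 * or give up once deadline_ms has elapsed in total. The deadline covers the
 * whole request, not each read, so a client that trickles bytes still runs
 * out of time and the single-threaded loop moves on to the next client. */
int read_headers_deadline(int fd, char *buf, size_t cap, int deadline_ms) {
    size_t used = 0;
    long end = now_ms() + deadline_ms;

    if (cap == 0) return REQ_TOO_BIG;
    buf[0] = '\0';
    for (;;) {
        long left = end - now_ms();
        if (left <= 0) return REQ_TIMEOUT;
        if (used + 1 >= cap) return REQ_TOO_BIG;   /* bound memory as well */

        struct pollfd p = { .fd = fd, .events = POLLIN };
        int r = poll(&p, 1, (int)left);            /* wait only for the time left */
        if (r < 0 && errno == EINTR) continue;
        if (r < 0) return REQ_CLOSED;
        if (r == 0) return REQ_TIMEOUT;

        ssize_t n = read(fd, buf + used, cap - 1 - used);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) return REQ_CLOSED;             /* peer closed or read error */
        used += (size_t)n;
        buf[used] = '\0';
        if (strstr(buf, "\r\n\r\n")) return REQ_OK;
    }
}
```

On any result other than `REQ_OK` the caller closes the connection and returns to its accept loop, so one stalled peer costs at most `deadline_ms`.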
Recommendations:
Vendor patches:
MandrakeSoft
------------
MandrakeSoft has released a security advisory (MDKSA-2003:062) and corresponding patches for this issue:
MDKSA-2003:062:Updated cups packages fix Denial of Service vulnerability
Link: http://www.linux-mandrake.com/en/security/2003/2003-062.php
Patch downloads:
Updated Packages:
Corporate Server 2.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/cups-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/cups-common-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/cups-serial-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/libcups1-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/cups-1.1.18-2.1mdk.src.rpm
Mandrake Linux 8.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/cups-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/cups-common-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/cups-serial-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/libcups1-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/libcups1-devel-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/SRPMS/cups-1.1.18-2.1mdk.src.rpm
Mandrake Linux 8.2/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/cups-1.1.18-2.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/cups-common-1.1.18-2.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/cups-serial-1.1.18-2.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/libcups1-1.1.18-2.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/libcups1-devel-1.1.18-2.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/SRPMS/cups-1.1.18-2.1mdk.src.rpm
Mandrake Linux 9.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/cups-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/cups-common-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/cups-serial-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/libcups1-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/libcups1-devel-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/SRPMS/cups-1.1.18-2.1mdk.src.rpm
Mandrake Linux 9.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/cups-1.1.19-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/cups-common-1.1.19-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/cups-serial-1.1.19-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/libcups1-1.1.19-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/libcups1-devel-1.1.19-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/SRPMS/cups-1.1.19-1.1mdk.src.rpm
Mandrake Linux 9.1/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/cups-1.1.19-1.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/cups-common-1.1.19-1.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/cups-serial-1.1.19-1.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/libcups1-1.1.19-1.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/libcups1-devel-1.1.19-1.1mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/SRPMS/cups-1.1.19-1.1mdk.src.rpm
Multi Network Firewall 8.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/RPMS/libcups1-1.1.18-2.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/mnf8.2/SRPMS/cups-1.1.18-2.1mdk.src.rpm
The updated packages above can also be downloaded from any of the mirror FTP servers listed at the following address:
http://www.mandrakesecure.net/en/ftp.php
RedHat
------
RedHat has released a security advisory (RHSA-2003:171-01) and corresponding patches for this issue:
RHSA-2003:171-01:Updated CUPS packages fix denial of service attack
Link: https://www.redhat.com/support/errata/RHSA-2003-171.html
Patch downloads:
RedHat Linux 7.3 i386:
RedHat RPM cups-1.1.14-15.4.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/cups-1.1.14-15.4.i386.rpm
RedHat RPM cups-libs-1.1.14-15.4.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/cups-libs-1.1.14-15.4.i386.rpm
RedHat RPM cups-devel-1.1.14-15.4.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/cups-devel-1.1.14-15.4.i386.rpm
RedHat Linux 8.0 i386:
RedHat RPM cups-1.1.17-0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/cups-1.1.17-0.7.i386.rpm
RedHat RPM cups-libs-1.1.17-0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/cups-libs-1.1.17-0.7.i386.rpm
RedHat RPM cups-devel-1.1.17-0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/cups-devel-1.1.17-0.7.i386.rpm
RedHat Linux 9.0 i386:
RedHat RPM cups-1.1.17-13.3.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/cups-1.1.17-13.3.i386.rpm
RedHat RPM cups-libs-1.1.17-13.3.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/cups-libs-1.1.17-13.3.i386.rpm
RedHat RPM cups-devel-1.1.17-13.3.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/cups-devel-1.1.17-13.3.i386.rpm
S.u.S.E.
--------
S.u.S.E. has released a security advisory (SuSE-SA:2003:028) and corresponding patches for this issue:
SuSE-SA:2003:028:cups
Link:
Patch downloads:
i386 Intel Platform:
SuSE-8.2:
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-1.1.18-77.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-libs-1.1.18-77.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-client-1.1.18-77.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-devel-1.1.18-77.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-1.1.18-77.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-libs-1.1.18-77.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-client-1.1.18-77.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cups-devel-1.1.18-77.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/cups-1.1.18-77.src.rpm
SuSE-8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-1.1.15-98.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-libs-1.1.15-98.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-client-1.1.15-98.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-devel-1.1.15-98.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-1.1.15-98.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-libs-1.1.15-98.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-client-1.1.15-98.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/cups-devel-1.1.15-98.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/cups-1.1.15-98.src.rpm
SuSE-8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/cups-1.1.12-95.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/cups-libs-1.1.12-95.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/cups-client-1.1.12-95.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/d4/cups-devel-1.1.12-95.i386.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/cups-1.1.12-95.i386.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/cups-libs-1.1.12-95.i386.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/cups-client-1.1.12-95.i386.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/d4/cups-devel-1.1.12-95.i386.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/cups-1.1.12-95.src.rpm
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/cups-1.1.10-99.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/cups-libs-1.1.10-99.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/cups-client-1.1.10-99.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.3/d3/cups-devel-1.1.10-99.i386.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/cups-1.1.10-99.src.rpm
SuSE-7.2:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/cups-1.1.6-128.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.2/d3/cups-devel-1.1.6-128.i386.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/cups-1.1.6-128.src.rpm
Sparc Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/cups-1.1.10-50.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/cups-libs-1.1.10-50.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/cups-client-1.1.10-50.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/d3/cups-devel-1.1.10-50.sparc.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/cups-1.1.10-50.src.rpm
PPC Power PC Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/cups-1.1.10-88.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/cups-libs-1.1.10-88.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/d3/cups-devel-1.1.10-88.ppc.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/cups-1.1.10-88.src.rpm
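Patch installation:
Install the files with the command "rpm -Fhv file.rpm". When this is done, if the rsync service is started by inetd, send a signal to the inetd process to restart it. If rsync was started with the "rsync --daemon" command, use that command again to restart the rsync service.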