Update Protection against Multiple Vendor CUPS Administration Interface CGI Heap Overflow vulnerability
| Check Point Reference: | CPAI-2008-133 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA29431 | |
| Industry Reference(s): | CVE-2008-0047 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Apple CUPS 1.3.5 and prior | ||
| Vulnerability Description A heap overflow vulnerability has been discovered in Apple’s Common Unix Printing System (CUPS). The Common Unix Printing System (CUPS) is a modular printing system for Unix-like operating systems that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer. A remote attacker may exploit this issue to cause a denial of service condition on a target system. |
||
|
Vulnerability Details The vulnerability is due to a boundary error in CUPS when handling incoming CGI requests. A remote attacker may exploit this issue by sending a malicious CGI request to a target system. Successful exploitation of this vulnerability will allow the attacker to execute arbitrary code on the vulnerable system. |
Protection Overview
By enabling this protection, IPS-1 will detect and block malformed CGI requests.
In order for the protection to be activated, update your product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.