From 5b081f4f32e105aa7f5a787629e4cb49e7c67f85 Mon Sep 17 00:00:00 2001 From: delphij Date: Fri, 9 Nov 2007 07:51:42 +0000 Subject: Document cups-base remote buffer overflow vulnerability. Approved by: portmgr (ports-security blanket) --- security/vuxml/vuln.xml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index f340ce1a14a9..580307f6a15b 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,39 @@ Note: Please add new entries to the beginning of this file. --> + + cups -- off-by-one buffer overflow + + + cups-base + 1.3.4 + + + + +

Secunia reports:

+
Secunia Research has discovered a vulnerability in CUPS, which can be + exploited by malicious people to compromise a vulnerable system.
+
The vulnerability is caused due to a boundary error within the "ippReadIO()" + function in cups/ipp.c when processing IPP (Internet Printing Protocol) tags. + This can be exploited to overwrite one byte on the stack with a zero by sending + an IPP request containing specially crafted "textWithLanguage" or + "nameWithLanguage" tags.
+
Successful exploitation allows execution of arbitrary code.
+

+ + + + CVE-2007-4351 + http://secunia.com/secunia_research/2007-76/ + + + 2007-11-06 + 2007-11-09 + + + perl -- regular expressions unicode data buffer overflow -- cgit