CVE-2007-5849 (GCVE-0-2007-5849)

Vulnerability from cvelistv5 – Published: 2007-12-19 21:00 – Updated: 2024-08-07 15:47

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.cups.org/str.php?L2589	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2007/4238	vdb-entryx_refsource_VUPEN
	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	third-party-advisoryx_refsource_CERT
	http://secunia.com/advisories/28129	third-party-advisoryx_refsource_SECUNIA
	http://www.novell.com/linux/security/advisories/s…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/28441	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/28136	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/28113	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/28200	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/usn-563-1	vendor-advisoryx_refsource_UBUNTU
	http://www.gentoo.org/security/en/glsa/glsa-20071…	vendor-advisoryx_refsource_GENTOO
	http://www.securityfocus.com/bid/26910	vdb-entryx_refsource_BID
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/28676	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2007/dsa-1437	vendor-advisoryx_refsource_DEBIAN
	http://docs.info.apple.com/article.html?artnum=307179	x_refsource_CONFIRM
	http://secunia.com/advisories/28386	third-party-advisoryx_refsource_SECUNIA
	http://bugs.gentoo.org/show_bug.cgi?id=201570	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/28636	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2007/4242	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/26917	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:47:00.628Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cups.org/str.php?L2589"
          },
          {
            "name": "cups-asn1getstring-bo(39101)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39101"
          },
          {
            "name": "ADV-2007-4238",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "TA07-352A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "28129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28129"
          },
          {
            "name": "SUSE-SR:2008:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
          },
          {
            "name": "28441",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28441"
          },
          {
            "name": "28136",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28136"
          },
          {
            "name": "28113",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28113"
          },
          {
            "name": "28200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28200"
          },
          {
            "name": "USN-563-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-563-1"
          },
          {
            "name": "GLSA-200712-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
          },
          {
            "name": "26910",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26910"
          },
          {
            "name": "SUSE-SA:2008:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html"
          },
          {
            "name": "FEDORA-2008-0322",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "28676",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28676"
          },
          {
            "name": "DSA-1437",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1437"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "28386",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28386"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=201570"
          },
          {
            "name": "MDVSA-2008:036",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
          },
          {
            "name": "28636",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28636"
          },
          {
            "name": "macos-snmp-bo(39097)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39097"
          },
          {
            "name": "ADV-2007-4242",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4242"
          },
          {
            "name": "26917",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26917"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cups.org/str.php?L2589"
        },
        {
          "name": "cups-asn1getstring-bo(39101)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39101"
        },
        {
          "name": "ADV-2007-4238",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4238"
        },
        {
          "name": "TA07-352A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
        },
        {
          "name": "28129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28129"
        },
        {
          "name": "SUSE-SR:2008:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
        },
        {
          "name": "28441",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28441"
        },
        {
          "name": "28136",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28136"
        },
        {
          "name": "28113",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28113"
        },
        {
          "name": "28200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28200"
        },
        {
          "name": "USN-563-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-563-1"
        },
        {
          "name": "GLSA-200712-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
        },
        {
          "name": "26910",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26910"
        },
        {
          "name": "SUSE-SA:2008:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html"
        },
        {
          "name": "FEDORA-2008-0322",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html"
        },
        {
          "name": "APPLE-SA-2007-12-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
        },
        {
          "name": "28676",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28676"
        },
        {
          "name": "DSA-1437",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1437"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307179"
        },
        {
          "name": "28386",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28386"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=201570"
        },
        {
          "name": "MDVSA-2008:036",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
        },
        {
          "name": "28636",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28636"
        },
        {
          "name": "macos-snmp-bo(39097)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39097"
        },
        {
          "name": "ADV-2007-4242",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4242"
        },
        {
          "name": "26917",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26917"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5849",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cups.org/str.php?L2589",
              "refsource": "CONFIRM",
              "url": "http://www.cups.org/str.php?L2589"
            },
            {
              "name": "cups-asn1getstring-bo(39101)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39101"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "28129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28129"
            },
            {
              "name": "SUSE-SR:2008:002",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
            },
            {
              "name": "28441",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28441"
            },
            {
              "name": "28136",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28136"
            },
            {
              "name": "28113",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28113"
            },
            {
              "name": "28200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28200"
            },
            {
              "name": "USN-563-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-563-1"
            },
            {
              "name": "GLSA-200712-14",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
            },
            {
              "name": "26910",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26910"
            },
            {
              "name": "SUSE-SA:2008:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html"
            },
            {
              "name": "FEDORA-2008-0322",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html"
            },
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "28676",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28676"
            },
            {
              "name": "DSA-1437",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1437"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "28386",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28386"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=201570",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=201570"
            },
            {
              "name": "MDVSA-2008:036",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
            },
            {
              "name": "28636",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28636"
            },
            {
              "name": "macos-snmp-bo(39097)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39097"
            },
            {
              "name": "ADV-2007-4242",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4242"
            },
            {
              "name": "26917",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26917"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5849",
    "datePublished": "2007-12-19T21:00:00",
    "dateReserved": "2007-11-06T00:00:00",
    "dateUpdated": "2024-08-07T15:47:00.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F3E721C-00CA-4D51-B542-F2BC5C0D65BF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:easy_software_products:cups:1.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9355573A-B469-49DD-912D-98CD71A2A310\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:easy_software_products:cups:1.2.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96C1D0AA-C5F5-4996-8E66-686CFCBF1D32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:easy_software_products:cups:1.2.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"420FCEF3-4E21-4A87-A688-87C755757B0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:easy_software_products:cups:1.2.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D979FFBA-4916-426F-9401-BCE1121B0F12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:easy_software_products:cups:1.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36BF9F21-3FEB-44C4-8A39-18F6D5CC1960\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.\"}, {\"lang\": \"es\", \"value\": \"Un subdesbordamiento de enteros en la funci\\u00f3n asn1_get_string en el back end de SNMP (backend/snmp.c) para CUPS versiones 1.2 hasta 1.3.4, permite a los atacantes remotos ejecutar c\\u00f3digo arbitrario por medio de una respuesta SNMP especialmente dise\\u00f1ada que desencadena un desbordamiento de b\\u00fafer en la regi\\u00f3n stack de la memoria.\"}]",
      "id": "CVE-2007-5849",
      "lastModified": "2024-11-21T00:38:50.397",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-12-19T21:46:00.000",
      "references": "[{\"url\": \"http://bugs.gentoo.org/show_bug.cgi?id=201570\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://docs.info.apple.com/article.html?artnum=307179\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/28113\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28129\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28136\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28200\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28386\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28441\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28636\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28676\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cups.org/str.php?L2589\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2007/dsa-1437\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:036\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/suse_security_summary_report.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/26910\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/26917\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-563-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4238\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4242\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39097\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39101\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://bugs.gentoo.org/show_bug.cgi?id=201570\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://docs.info.apple.com/article.html?artnum=307179\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/28113\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28129\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28136\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28200\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28386\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28441\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28636\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28676\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cups.org/str.php?L2589\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2007/dsa-1437\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:036\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/suse_security_summary_report.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/26910\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/26917\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-563-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4238\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/4242\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39097\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39101\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vendorComments": "[{\"organization\": \"Red Hat\", \"comment\": \"Not vulnerable.\\n\\nThis flaw does not affect the version of CUPS shipped in Red Hat Enterprise Linux 3 or 4.\\n\\nAfter a detailed analysis of this flaw, it has been determined it does not pose a security threat on Red Hat Enterprise Linux 5.  For more details regarding this analysis, please see:\\nhttps://bugzilla.redhat.com/show_bug.cgi?id=415131\", \"lastModified\": \"2008-01-02T00:00:00\"}]",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-189\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-5849\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-12-19T21:46:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.\"},{\"lang\":\"es\",\"value\":\"Un subdesbordamiento de enteros en la funci\u00f3n asn1_get_string en el back end de SNMP (backend/snmp.c) para CUPS versiones 1.2 hasta 1.3.4, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una respuesta SNMP especialmente dise\u00f1ada que desencadena un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F3E721C-00CA-4D51-B542-F2BC5C0D65BF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:easy_software_products:cups:1.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9355573A-B469-49DD-912D-98CD71A2A310\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:easy_software_products:cups:1.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96C1D0AA-C5F5-4996-8E66-686CFCBF1D32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:easy_software_products:cups:1.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"420FCEF3-4E21-4A87-A688-87C755757B0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:easy_software_products:cups:1.2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D979FFBA-4916-426F-9401-BCE1121B0F12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:easy_software_products:cups:1.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36BF9F21-3FEB-44C4-8A39-18F6D5CC1960\"}]}]}],\"references\":[{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=201570\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307179\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28113\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28129\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28136\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28200\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28386\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28441\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28636\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28676\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cups.org/str.php?L2589\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1437\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:036\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/suse_security_summary_report.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/26910\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/26917\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/usn-563-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/4238\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/4242\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39097\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39101\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=201570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28129\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28136\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28386\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28441\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28636\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28676\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cups.org/str.php?L2589\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2007/dsa-1437\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:036\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/suse_security_summary_report.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26910\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26917\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-563-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-352A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/4238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/4242\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39097\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39101\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not vulnerable.\\n\\nThis flaw does not affect the version of CUPS shipped in Red Hat Enterprise Linux 3 or 4.\\n\\nAfter a detailed analysis of this flaw, it has been determined it does not pose a security threat on Red Hat Enterprise Linux 5.  For more details regarding this analysis, please see:\\nhttps://bugzilla.redhat.com/show_bug.cgi?id=415131\",\"lastModified\":\"2008-01-02T00:00:00\"}]}}"
  }
}

CERTA-2007-AVI-551

Vulnerability from certfr_avis - Published: - Updated:

None

Description

De multiples vulnérabilités ont été découvertes dans les systèmes d'exploitation Apple Mac OS X. L'exploitation de ces vulnérabilités permettent à une personne malveillante d'exécuter diverses actions dont l'exécution de code arbitraire à distance, l'atteinte à l'intégrité des données, l'élévation de privilèges ou le contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Mac OS X version 10.5.1 et antérieures.
	Apple	N/A	Mac OS X version 10.4.11 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 307179 du 12 décembre 2007

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X version 10.5.1 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X version 10.4.11 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les syst\u00e8mes\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s\npermettent \u00e0 une personne malveillante d\u0027ex\u00e9cuter diverses actions dont\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance, l\u0027atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es, l\u0027\u00e9l\u00e9vation de privil\u00e8ges ou le contournement de la politique\nde s\u00e9curit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4710"
    },
    {
      "name": "CVE-2007-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1661"
    },
    {
      "name": "CVE-2007-5857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5857"
    },
    {
      "name": "CVE-2007-4351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4351"
    },
    {
      "name": "CVE-2007-4768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4768"
    },
    {
      "name": "CVE-2007-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1660"
    },
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    },
    {
      "name": "CVE-2007-5851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5851"
    },
    {
      "name": "CVE-2007-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1659"
    },
    {
      "name": "CVE-2007-5476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5476"
    },
    {
      "name": "CVE-2007-3876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3876"
    },
    {
      "name": "CVE-2007-4708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4708"
    },
    {
      "name": "CVE-2007-5853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5853"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-1218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1218"
    },
    {
      "name": "CVE-2007-5848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5848"
    },
    {
      "name": "CVE-2007-5770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5770"
    },
    {
      "name": "CVE-2007-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1662"
    },
    {
      "name": "CVE-2007-4709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4709"
    },
    {
      "name": "CVE-2007-5863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5863"
    },
    {
      "name": "CVE-2007-3798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3798"
    },
    {
      "name": "CVE-2006-0024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
    },
    {
      "name": "CVE-2007-5849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5849"
    },
    {
      "name": "CVE-2007-5858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5858"
    },
    {
      "name": "CVE-2007-4131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4131"
    },
    {
      "name": "CVE-2007-6165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6165"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    },
    {
      "name": "CVE-2007-5855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5855"
    },
    {
      "name": "CVE-2007-5854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5854"
    },
    {
      "name": "CVE-2007-4965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4965"
    },
    {
      "name": "CVE-2007-5856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5856"
    },
    {
      "name": "CVE-2007-5850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5850"
    },
    {
      "name": "CVE-2007-5859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5859"
    },
    {
      "name": "CVE-2007-5861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5861"
    },
    {
      "name": "CVE-2007-5860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5860"
    },
    {
      "name": "CVE-2007-4767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4767"
    },
    {
      "name": "CVE-2007-4766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4766"
    },
    {
      "name": "CVE-2007-5847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5847"
    }
  ],
  "links": [],
  "reference": "CERTA-2007-AVI-551",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 307179 du 12 d\u00e9cembre 2007",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    }
  ]
}

CERTA-2007-AVI-551

Vulnerability from certfr_avis - Published: - Updated:

None

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Mac OS X version 10.5.1 et antérieures.
	Apple	N/A	Mac OS X version 10.4.11 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 307179 du 12 décembre 2007

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X version 10.5.1 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X version 10.4.11 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les syst\u00e8mes\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s\npermettent \u00e0 une personne malveillante d\u0027ex\u00e9cuter diverses actions dont\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance, l\u0027atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es, l\u0027\u00e9l\u00e9vation de privil\u00e8ges ou le contournement de la politique\nde s\u00e9curit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4710"
    },
    {
      "name": "CVE-2007-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1661"
    },
    {
      "name": "CVE-2007-5857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5857"
    },
    {
      "name": "CVE-2007-4351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4351"
    },
    {
      "name": "CVE-2007-4768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4768"
    },
    {
      "name": "CVE-2007-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1660"
    },
    {
      "name": "CVE-2007-5116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5116"
    },
    {
      "name": "CVE-2007-5851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5851"
    },
    {
      "name": "CVE-2007-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1659"
    },
    {
      "name": "CVE-2007-5476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5476"
    },
    {
      "name": "CVE-2007-3876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3876"
    },
    {
      "name": "CVE-2007-4708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4708"
    },
    {
      "name": "CVE-2007-5853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5853"
    },
    {
      "name": "CVE-2007-5398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5398"
    },
    {
      "name": "CVE-2007-1218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1218"
    },
    {
      "name": "CVE-2007-5848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5848"
    },
    {
      "name": "CVE-2007-5770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5770"
    },
    {
      "name": "CVE-2007-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1662"
    },
    {
      "name": "CVE-2007-4709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4709"
    },
    {
      "name": "CVE-2007-5863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5863"
    },
    {
      "name": "CVE-2007-3798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3798"
    },
    {
      "name": "CVE-2006-0024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0024"
    },
    {
      "name": "CVE-2007-5849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5849"
    },
    {
      "name": "CVE-2007-5858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5858"
    },
    {
      "name": "CVE-2007-4131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4131"
    },
    {
      "name": "CVE-2007-6165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6165"
    },
    {
      "name": "CVE-2007-4572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4572"
    },
    {
      "name": "CVE-2007-5855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5855"
    },
    {
      "name": "CVE-2007-5854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5854"
    },
    {
      "name": "CVE-2007-4965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4965"
    },
    {
      "name": "CVE-2007-5856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5856"
    },
    {
      "name": "CVE-2007-5850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5850"
    },
    {
      "name": "CVE-2007-5859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5859"
    },
    {
      "name": "CVE-2007-5861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5861"
    },
    {
      "name": "CVE-2007-5860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5860"
    },
    {
      "name": "CVE-2007-4767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4767"
    },
    {
      "name": "CVE-2007-4766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4766"
    },
    {
      "name": "CVE-2007-5847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5847"
    }
  ],
  "links": [],
  "reference": "CERTA-2007-AVI-551",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 307179 du 12 d\u00e9cembre 2007",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    }
  ]
}

VAR-200712-0433

Vulnerability from variot - Updated: 2024-07-23 21:40

Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow. Common UNIX Printing System (CUPS) is prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer. Failed exploit attempts will likely result in denial-of-service conditions. Apple Mac OS X is prone to multiple security vulnerabilities. These issues affect Mac OS X and various applications, including Address Book, CFNetwork, ColorSync, CoreFoundation, CUPS, Desktop Services, iChat, IO Storage Family, Launch Services, Mail, Quick Look, Safari, Safari RSS, SMB, Software Update, Spin Tracer, Spotlight, tcpdump, and XQuery. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and potentially compromise vulnerable computers. Apple Mac OS X 10.5.1 and prior versions are vulnerable to these issues. Apple Common Unix Printing System (CUPS) is an open source printing system for OS X and Unix-like systems developed by Apple. The system is based on the Internet Printing Protocol (IPP) and provides most PostScript and raster printer services. There is a vulnerability when CUPS processes SNMP requests containing malformed data, and remote attackers may exploit this vulnerability to control the server. There is a symbol error in the asn1_get_string() function in the backend/snmp.c file of CUPS. =========================================================== Ubuntu Security Notice USN-563-1 January 09, 2008 cupsys vulnerabilities CVE-2007-5849, CVE-2007-6358 ===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.6

Ubuntu 6.10: cupsys 1.2.4-2ubuntu3.2

Ubuntu 7.04: cupsys 1.2.8-0ubuntu8.2

Ubuntu 7.10: cupsys 1.3.2-1ubuntu7.3

In general, a standard system upgrade is sufficient to effect the necessary changes.

Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6.diff.gz
  Size/MD5:    96854 c42f659f650a9c0d81bdb4f8ba7004bf
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6.dsc
  Size/MD5:     1049 01c4bd2466a668f82bc852b2658e3f24
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz
  Size/MD5:  4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.6_all.deb
  Size/MD5:      996 b0b0b7b1a5b04ac737c6c1c506bf0a1d

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_amd64.deb
  Size/MD5:    36242 0d64ba11e2e59e2f089fdb40efed1565
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_amd64.deb
  Size/MD5:    81910 3f9240a0ac855620f13662ecd48224d5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_amd64.deb
  Size/MD5:  2285594 073223e345043bfa56f5d173393cbbfe
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_amd64.deb
  Size/MD5:     6094 dcb63118059086cdf2fe9f66eab3c9ab
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_amd64.deb
  Size/MD5:    75942 d4483bb658545cbedcafa65e9a6ee045
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_amd64.deb
  Size/MD5:    25746 39cf872611b0f62f54b38953374b1c01
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_amd64.deb
  Size/MD5:   128784 dbf0ce78d28f3a62d2ef67074a04facb

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_i386.deb
  Size/MD5:    34776 16593bfabe944044a1c0c87fd006111b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_i386.deb
  Size/MD5:    77984 67af7dd120fda3fabd5bf1bcde0ecaa0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_i386.deb
  Size/MD5:  2253134 7d5f6f3d3343cf0f4873042947c3265f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_i386.deb
  Size/MD5:     6096 2b68e82e024d376d649cd3b3c14cf378
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_i386.deb
  Size/MD5:    75008 b9b5873df6f6e12ca694404e0ae1397a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_i386.deb
  Size/MD5:    25742 3d4a30e76a7ab05dddc49967c5af6206
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_i386.deb
  Size/MD5:   121008 75fa970f801c819ca2e37f42ccda165a

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_powerpc.deb
  Size/MD5:    40466 e078800e5e94fa64a451cdbb8414acc3
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_powerpc.deb
  Size/MD5:    89536 b9a20806c2b91bd7370686ea3b8588da
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_powerpc.deb
  Size/MD5:  2300252 9252b6866259c84e63ee4dba67083ed8
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_powerpc.deb
  Size/MD5:     6096 4d677d45da127c45c81ce3889a9256a7
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_powerpc.deb
  Size/MD5:    77702 2e05e968244b734744f1fce8ebfafb33
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_powerpc.deb
  Size/MD5:    25752 9f7ba4ffc1c72e78047d983554e32512
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_powerpc.deb
  Size/MD5:   126772 8246a4b5933201f0f247f30ab5a97944

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_sparc.deb
  Size/MD5:    35396 9193306b04ba1d9bcf0d22225cc839e6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_sparc.deb
  Size/MD5:    78730 bce8c7563b87f3327a134c451364ce21
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_sparc.deb
  Size/MD5:  2286800 833891fe2b553542324e93bb306c9da4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_sparc.deb
  Size/MD5:     6098 700ed2ed4032bae2bc5f7ad1b0938f65
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_sparc.deb
  Size/MD5:    74964 84b65d7d0127cc488d2aed110b7d9086
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_sparc.deb
  Size/MD5:    25740 fa32e9fe9c0d429a1159e41b07d5964f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_sparc.deb
  Size/MD5:   122514 1e818d01773b5bc86b9f56e8022d6863

Updated packages for Ubuntu 6.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2.diff.gz
  Size/MD5:   110832 2971bd952368028e975fd00a20ce501b
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2.dsc
  Size/MD5:     1059 e98ea8935c9ceed519d111d32e552586
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4.orig.tar.gz
  Size/MD5:  4091480 46722ad2dc78b12b5c05db2d080fe784

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.4-2ubuntu3.2_all.deb
  Size/MD5:   869636 834405f963c7a9ce3b3d69f09e1805fe

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_amd64.deb
  Size/MD5:    36710 d6b14470183b492c8a0695ae3cf5820d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_amd64.deb
  Size/MD5:    82508 1f22c18ad0618cae8fd9b161debe997c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_amd64.deb
  Size/MD5:  1480116 da71d67953ad08e275d92429aff51456
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_amd64.deb
  Size/MD5:     6122 869caee45ed45ef339c86eb51a114920
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_amd64.deb
  Size/MD5:    95102 8f5848eddffc362517e4ff676f835973
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_amd64.deb
  Size/MD5:    26142 8ec6a04b1c0389911e1f1dc9e5377536
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_amd64.deb
  Size/MD5:   171840 f8215cbe5fe52dd32a598cbc7f27a8a1

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_i386.deb
  Size/MD5:    36264 c1ce097acea2435d13a0773986769641
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_i386.deb
  Size/MD5:    80106 cbc3b76611aaece014e555a170dca185
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_i386.deb
  Size/MD5:  1463248 4d326335153bdf16670b4d6b23309adb
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_i386.deb
  Size/MD5:     6122 f3ee8c280dffbcb1be2e30087818fc12
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_i386.deb
  Size/MD5:    94910 b56efddf07944953ee6c93a357392ab5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_i386.deb
  Size/MD5:    26140 062e3f1216765e325ed4bbc0dff04df5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_i386.deb
  Size/MD5:   168962 ff967163df3e0c10338ebccecf816fa2

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_powerpc.deb
  Size/MD5:    41804 90c6b755b81eac7f64cffdc410781637
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_powerpc.deb
  Size/MD5:    91146 93b16b2504ca56ca57ca562ccd109a42
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_powerpc.deb
  Size/MD5:  1497758 d713cc8d5962474285cfcb8f4d5c9387
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_powerpc.deb
  Size/MD5:     6126 61c3a759bc71ed557194b123ee547425
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_powerpc.deb
  Size/MD5:    97286 e4da8af1c90ae24bd767317aa8cfcf4a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_powerpc.deb
  Size/MD5:    26138 fcd8753ebf0b695dea0375e713a85ea2
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_powerpc.deb
  Size/MD5:   172252 27806a56e06673bd3fe961f650939193

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_sparc.deb
  Size/MD5:    36282 2b0888242ed98acf5f8214598a191ac4
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_sparc.deb
  Size/MD5:    80234 819d971ba0a287fc39f8ffe60a8dea46
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_sparc.deb
  Size/MD5:  1488822 33280b196dd0f5e372c01f679fa6b92a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_sparc.deb
  Size/MD5:     6128 36f672bc145cc881f6ed0d501532c889
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_sparc.deb
  Size/MD5:    94144 b270ae4767e5a5a4f664686c688e4c83
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_sparc.deb
  Size/MD5:    26142 e951c05414d91657af1774951ff0b49c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_sparc.deb
  Size/MD5:   168272 9c24a04995a400f1c868398d14b31740

Updated packages for Ubuntu 7.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2.diff.gz
  Size/MD5:   155988 d5eeee8bb5b1be8f20732ddc15a146b7
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2.dsc
  Size/MD5:     1143 0669aaa760ed047edc4f9a942882f01d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz
  Size/MD5:  4293194 107affe95fcf1cd4aaed4a5c73f4b91f

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.2_all.deb
  Size/MD5:   925994 663b23d61cc43e14a45a4079a1b53d14

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_amd64.deb
  Size/MD5:    37404 c857fcb86cf6fbc5a1fe7dcb93bcfc9c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_amd64.deb
  Size/MD5:    83234 cb15baea3370ad40ad903ecdd5c2a150
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_amd64.deb
  Size/MD5:  1638028 f9e0e6d0ab30836134b18e68f515aa24
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_amd64.deb
  Size/MD5:    56372 45a35748bebb147b1ece7fc2318fe5d5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_amd64.deb
  Size/MD5:   103904 3ec48e9e35555d39718da7dfa12296e1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_amd64.deb
  Size/MD5:   144844 d7a36d83f016f81978d77334df958abe
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_amd64.deb
  Size/MD5:   181906 504d933b448fea5199083007de9def13

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_i386.deb
  Size/MD5:    36728 a9d95dd94c95b39fba113bad0ba83d31
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_i386.deb
  Size/MD5:    80756 002c4adb90d4aeb46f22cf043c2a3c5d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_i386.deb
  Size/MD5:  1620614 dfd8630f8aa3bfc7a3603ab89376bbdc
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_i386.deb
  Size/MD5:    55450 15f5048b3543a2506d1b65937c145c10
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_i386.deb
  Size/MD5:   103602 621c142a15a018a53fb4e1c731dd6273
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_i386.deb
  Size/MD5:   139324 45c10a2df595a6e2d911e2ff3ab4a405
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_i386.deb
  Size/MD5:   178200 41745eaf4b7e638c6294c0c7d272e91b

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_powerpc.deb
  Size/MD5:    46770 7b7c32c212787825b4c8ce5f23f11e9f
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_powerpc.deb
  Size/MD5:   101104 8a64784b5b11dbd2633de705b6803702
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_powerpc.deb
  Size/MD5:  1695072 a9a974ada7cab231ed81c03a91ddc6fa
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_powerpc.deb
  Size/MD5:    56224 859a93733a404b6336815740c704cb31
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_powerpc.deb
  Size/MD5:   109462 b57a9c49d5a186cb0a90ceff60fe3e0c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_powerpc.deb
  Size/MD5:   141176 03a25641a1d1f0cc3daaff277fc9a1fe
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_powerpc.deb
  Size/MD5:   187796 4f7930d31e79c8e80c3002305f628abb

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_sparc.deb
  Size/MD5:    37776 4b82dbd83e2d0ab3b8a37a1819df2be0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_sparc.deb
  Size/MD5:    83754 ca7d3f04b938edf84d4495ee28401947
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_sparc.deb
  Size/MD5:  1658640 516e63f4be8670977ede42a5931f84d1
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_sparc.deb
  Size/MD5:    54742 c393dd034b59bdb312caa88e6e5a2518
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_sparc.deb
  Size/MD5:   103154 cca146d09d3d96060aae19ed28c9bad0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_sparc.deb
  Size/MD5:   141756 8ac1af17f52affe05290eda3f632a5c2
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_sparc.deb
  Size/MD5:   177460 7a2e8e00865878da7823113b9c82fe96

Updated packages for Ubuntu 7.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3.diff.gz
  Size/MD5:   123551 3081910dc48c0bf26861c418898424e5
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3.dsc
  Size/MD5:     1218 31f9a51331fdef642f68181a96e48b90
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz
  Size/MD5:  4848424 9e3e1dee4d872fdff0682041198d3d73

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.3_all.deb
  Size/MD5:  1080422 55bbe3cc2879bf863ea481de00a87d38

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_amd64.deb
  Size/MD5:    37090 c208eccfeb8c01c9c9cf69d533e48875
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_amd64.deb
  Size/MD5:    89264 d75e34c37e473f37049e9b8d56da85f9
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_amd64.deb
  Size/MD5:  2033330 19317bd0287cd2ffb107a79cb10221b7
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_amd64.deb
  Size/MD5:    59894 669b27a09c281c6627ac6f90cdaa9d6c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_amd64.deb
  Size/MD5:    46744 3bf6625d4362c0b737f8092a5ce5d8f2
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_amd64.deb
  Size/MD5:   152012 918fb853dabc5e4f9b01d141a700cdd6
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_amd64.deb
  Size/MD5:   185064 9ba4383cca2c676c115f0896c4d3f7ac

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_i386.deb
  Size/MD5:    36386 a9cc51dd1d0bfb023a1723094b5dc8fd
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_i386.deb
  Size/MD5:    86266 a5a5f183b0072355dc7f6d7da0cc6150
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_i386.deb
  Size/MD5:  2016958 1a403efd5824fdd4aabc01d6fd4be80d
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_i386.deb
  Size/MD5:    58630 05c449135359e5dff074bb09d35ab993
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_i386.deb
  Size/MD5:    46096 190e2a501bcc471b47b19c0fab1e6faf
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_i386.deb
  Size/MD5:   145700 6bace8671d4aabfb12981f35bf90e3fd
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_i386.deb
  Size/MD5:   181864 48bdde0f8e4419ed820aad223f04a78e

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_powerpc.deb
  Size/MD5:    46396 d418a342f7bcc3c62a00b6aaa91f6a55
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_powerpc.deb
  Size/MD5:   107534 b5021ac12d34feaa894822833a80f96c
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_powerpc.deb
  Size/MD5:  2098076 ce2bbaac830121b2e332e1d6be7f2812
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_powerpc.deb
  Size/MD5:    59338 a2e1ed47fc41b154279fa991d1b83b63
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_powerpc.deb
  Size/MD5:    51684 5dc5292ba6c5957c6906a1ec10425389
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_powerpc.deb
  Size/MD5:   146958 ca1a231a2fead08a3a291a98016ad164
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_powerpc.deb
  Size/MD5:   190810 df39b95fd46271a4102fa86991687d87

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_sparc.deb
  Size/MD5:    37476 ad024b3c304fddd547f73533c2af353e
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_sparc.deb
  Size/MD5:    89402 d43d4d7730511ae01ada631e49a33386
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_sparc.deb
  Size/MD5:  2059212 5d8c784938e35c99434a9aeec756c7f0
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_sparc.deb
  Size/MD5:    57890 c16d91ecc08a9f644a4702694f061948
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_sparc.deb
  Size/MD5:    45426 9b43f0207dc35329c6b68a00f9470b27
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_sparc.deb
  Size/MD5:   148480 6475be7a82a097f3d1e650f2e1b34e4a
http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_sparc.deb
  Size/MD5:   180882 aa0f56882aee8a313019fd9806cb96e2

. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200712-14

                                        http://security.gentoo.org/

Severity: High Title: CUPS: Multiple vulnerabilities Date: December 18, 2007 Bugs: #199195, #201042, #201570 ID: 200712-14

Synopsis

Multiple vulnerabilities have been discovered in CUPS, allowing for the remote execution of arbitrary code and a Denial of Service.

Background

CUPS provides a portable printing layer for UNIX-based operating systems. The alternate pdftops filter is a CUPS filter used to convert PDF files to the Postscript format via Poppler; the filter is installed by default in Gentoo Linux. Elias Pipping (Gentoo) discovered that the alternate pdftops filter creates temporary files with predictable file names when reading from standard input (CVE-2007-6358). Furthermore, the resolution of a Denial of Service vulnerability covered in GLSA 200703-28 introduced another Denial of Service vulnerability within SSL handling (CVE-2007-4045). A local attacker could exploit the second vulnerability to overwrite arbitrary files with the privileges of the user running the CUPS spooler (usually lp) by using symlink attacks. A remote attacker could cause a Denial of Service condition via the third vulnerability when SSL is enabled in CUPS.

Workaround

To disable SNMP support in CUPS, you have have to manually delete the file "/usr/libexec/cups/backend/snmp". Please note that the file is reinstalled if you merge CUPS again later. To disable the pdftops filter, delete all lines referencing "pdftops" in CUPS' "mime.convs" configuration file. To work around the third vulnerability, disable SSL support via the corresponding USE flag.

Resolution

All CUPS users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-print/cups-1.2.12-r4"

References

[ 1 ] CVE-2007-4045 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4045 [ 2 ] CVE-2007-5849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5849 [ 3 ] CVE-2007-6358 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6358 [ 4 ] GLSA 200703-28 http://www.gentoo.org/security/en/glsa/glsa-200703-28.xml

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200712-14.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5 .

Background

AMD64 x86 emulation base libraries provides pre-compiled 32-bit libraries.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 app-emulation/emul-linux-x86-baselibs < 20140406-r1 >= 20140406-r1

Description

Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details.

Workaround

There is no known workaround at this time. They are included in this advisory for the sake of completeness. It is likely that your system is already no longer affected by them. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Debian Security Advisory DSA-1437-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff December 26, 2007 http://www.debian.org/security/faq

Package : cupsys Vulnerability : several Problem type : local Debian-specific: no CVE Id(s) : CVE-2007-5849 CVE-2007-6358

Several local vulnerabilities have been discovered in the Common UNIX Printing System. This vulnerability is not exploitable in the default configuration.

For the stable distribution (etch), these problems have been fixed in version 1.2.7-4etch2.

The old stable distribution (sarge) is not affected by CVE-2007-5849. The other issue doesn't warrant an update on it's own and has been postponed.

For the unstable distribution (sid), these problems have been fixed in version 1.3.5-1.

We recommend that you upgrade your cupsys packages.

Upgrade instructions

wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update will update the internal database apt-get upgrade will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian 4.0 (stable)

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2.dsc Size/MD5 checksum: 1084 7eda7d3797d141d174e163f837cd91b4 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2.diff.gz Size/MD5 checksum: 103089 a856a1ff975042783cb87f23d15e5b3a

Architecture independent packages:

http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch2_all.deb Size/MD5 checksum: 45246 3216cd80859aa97b7c8c5774b2462db2 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch2_all.deb Size/MD5 checksum: 893020 28b90e7e58400b9216f72cecf7de0d4a

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_alpha.deb Size/MD5 checksum: 1096542 686386cd43230708d49cea4af0d57b9f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_alpha.deb Size/MD5 checksum: 94468 32d1efdef788039ac00ed1e57a6fcc47 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_alpha.deb Size/MD5 checksum: 1608840 d042363f0999e1f11939e3f5e8de8b38 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_alpha.deb Size/MD5 checksum: 72432 5e43d1208715258c4ff09dcee0fa4081 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_alpha.deb Size/MD5 checksum: 86284 dca9ccc53cb8fcf7b8e1a44b8e76a6ad http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_alpha.deb Size/MD5 checksum: 184372 cb6c4f2c2a08ccc55c25c35d039fe400 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_alpha.deb Size/MD5 checksum: 39260 cdfc7a39f71c1aed6973a2956cf8749d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_alpha.deb Size/MD5 checksum: 174608 e2c1ebf86bfc9f538a640c8ea385330f

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_amd64.deb Size/MD5 checksum: 142552 60167bc344afbaa54904b295c78def9c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_amd64.deb Size/MD5 checksum: 36366 3feca5f614aca7d527b1beba01462f6e http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_amd64.deb Size/MD5 checksum: 161666 65ebf0f70d842eeb8adc309946357b4d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_amd64.deb Size/MD5 checksum: 85314 0be1f821b4880c7a4b83cd7779edbce4 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_amd64.deb Size/MD5 checksum: 80704 26db3ea2f4aee728ead9ffba2686b827 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_amd64.deb Size/MD5 checksum: 1574360 3a1e7f5f6a8766a1f89aa65fc47c5d72 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_amd64.deb Size/MD5 checksum: 52862 3e8caecdc231fcded29f0029b76019a8 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_amd64.deb Size/MD5 checksum: 1085694 235f96f3c07947ab11cd4222490441f0

arm architecture (ARM)

http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_arm.deb Size/MD5 checksum: 48532 08ce8a9c2d9edf30a381ddc34073c397 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_arm.deb Size/MD5 checksum: 1025036 c3165815ab4292c0b200176c4c0ad7d6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_arm.deb Size/MD5 checksum: 35924 02c6ebde8deb0fcb39074deb5895b95b http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_arm.deb Size/MD5 checksum: 78912 33627a4c4e1dd3b4001f165cfda64259 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_arm.deb Size/MD5 checksum: 132054 c4e04d8fb763e599931f3cb0207d84cb http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_arm.deb Size/MD5 checksum: 154314 0dcbd01293a5a0925af776bc0d6490fa http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_arm.deb Size/MD5 checksum: 84494 66ff0b8a8b07d0faddee758806e044be http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_arm.deb Size/MD5 checksum: 1568356 725c88c2ac3737a0a323e82a5877f8f9

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_hppa.deb Size/MD5 checksum: 39264 528456372ac16c6dc257d2672a24cc84 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_hppa.deb Size/MD5 checksum: 85260 60da86a4e6b72d49f3c405cda6eaaa33 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_hppa.deb Size/MD5 checksum: 90316 7d7093a9bca7c6ee4a190eaea715cf1f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_hppa.deb Size/MD5 checksum: 57026 7e78c5bf532b9761b6ebc290c4c24b94 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_hppa.deb Size/MD5 checksum: 171548 37bfd1849d459be20f5df6da4d0e8f19 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_hppa.deb Size/MD5 checksum: 1611932 3a3e91d8c878c6ec42a99d1bfacbafac http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_hppa.deb Size/MD5 checksum: 154600 fc87ba725d54223245d9cb71777307a7 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_hppa.deb Size/MD5 checksum: 1031728 cdcfb63a3a2200f4ca36aa0d530c32d9

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_i386.deb Size/MD5 checksum: 53068 e28d98e95a5e543991b996e84d028863 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_i386.deb Size/MD5 checksum: 138280 28df76637f6b23d98ec81f6a7bf2b6ba http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_i386.deb Size/MD5 checksum: 159796 fa2db05d879ce293041be45683febe8b http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_i386.deb Size/MD5 checksum: 1547840 6d7396410919ae7207d3d9aadfb5026f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_i386.deb Size/MD5 checksum: 79880 c392020f91e2901d4122ef6a1fa08fed http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_i386.deb Size/MD5 checksum: 85778 a11291b1a834d42ba160fb8d92db0c3a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_i386.deb Size/MD5 checksum: 997490 0d91574ed291678037351dd0a32f445f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_i386.deb Size/MD5 checksum: 36476 ee84ce1774c646915ba410dadcda3470

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_ia64.deb Size/MD5 checksum: 1107194 dc683bec9dcfffc4a1e020b2859e1fab http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_ia64.deb Size/MD5 checksum: 106228 db41cfc57bf2d43da703285f9790344c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_ia64.deb Size/MD5 checksum: 46332 f52d7a07c6acf6613da1ae43f64b8ef7 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_ia64.deb Size/MD5 checksum: 203378 9da06426a99702d4485b528d542b666d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_ia64.deb Size/MD5 checksum: 105872 cd243300f6b804b2501e5681401c574e http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_ia64.deb Size/MD5 checksum: 73934 b3618bd2d5b1de8371ea56301312ef3a http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_ia64.deb Size/MD5 checksum: 192368 35aba3be08e6a72b54617bb666b12d4c http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_ia64.deb Size/MD5 checksum: 1769808 8d0ab1028149cabd9d946c44cf4d4f86

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_mips.deb Size/MD5 checksum: 77158 5302b4e5edb3d0d7733481eaabdbddcf http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_mips.deb Size/MD5 checksum: 85874 d6beacabf8db05137b4c4357ea7557e9 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_mips.deb Size/MD5 checksum: 157884 d0f4ed5d1da24041179f9f2697f2ffcb http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_mips.deb Size/MD5 checksum: 1096124 feea35b2ae01af3b06ee3ce8a854324e http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_mips.deb Size/MD5 checksum: 35968 0bb0b6c1018c466326b6406de4af093e http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_mips.deb Size/MD5 checksum: 150766 ff55f24b0b36722265644252857d8b5c http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_mips.deb Size/MD5 checksum: 1550792 97167182293fc8400cb9fefffc3670e7 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_mips.deb Size/MD5 checksum: 57384 b2473f40bde45105c0bdec916ff93cdb

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_mipsel.deb Size/MD5 checksum: 86054 f78f586a8f15727e28c67bca58caaa26 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_mipsel.deb Size/MD5 checksum: 1552410 94190014545b85b403a21e97d9901776 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_mipsel.deb Size/MD5 checksum: 157716 e0bd0f1e90b1124b1441bc1f313a7764 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_mipsel.deb Size/MD5 checksum: 1083814 a5968478d72e11f19d4e019d3095e51f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_mipsel.deb Size/MD5 checksum: 36068 363ff5b0694c2fef407a92dea1ba1c4e http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_mipsel.deb Size/MD5 checksum: 77458 db7144590602bf3cf25cba5fdce485a8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_mipsel.deb Size/MD5 checksum: 57700 04626a4cb44728ea61bcb7f8d8ddc1ed http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_mipsel.deb Size/MD5 checksum: 150902 f3cb4f6ca36503d7b70aab6d559199d2

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_powerpc.deb Size/MD5 checksum: 51792 e89680c8a9b4851ebb5ad0d304e6bbb7 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_powerpc.deb Size/MD5 checksum: 90002 ce367709844a87951f810524aadfea4c http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_powerpc.deb Size/MD5 checksum: 136864 0aabc007ab84b86a77f6c601ba8d44fd http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_powerpc.deb Size/MD5 checksum: 87576 f18bba76c873a6238e78a80182c0cd38 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_powerpc.deb Size/MD5 checksum: 1575144 506c85d9a8b03be737ccb8dd3fd31248 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_powerpc.deb Size/MD5 checksum: 1141712 b6ab866de7c8c6f2051c2a813003a722 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_powerpc.deb Size/MD5 checksum: 162358 08096969b7e8ef48d2ece9a86600004a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_powerpc.deb Size/MD5 checksum: 41290 b7eb0528a3b1b8bd07247fd9e16b76c2

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_s390.deb Size/MD5 checksum: 1586292 01001ec68f5ff6a090ebff3099265be0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_s390.deb Size/MD5 checksum: 1035680 081c5ca040751dc4ec59d2a83289099c http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_s390.deb Size/MD5 checksum: 86854 5011337fee7f4dcfb62a6c95f7054e98 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_s390.deb Size/MD5 checksum: 37422 731fb2009fa3cf47e270c35348d2e3e4 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_s390.deb Size/MD5 checksum: 82338 4f93e2f975642addd238eecf78a94779 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_s390.deb Size/MD5 checksum: 165816 c69411004d08763f1b86a5d517592fc7 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_s390.deb Size/MD5 checksum: 144946 74bca185776b08ac50a9abcc17019e68 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_s390.deb Size/MD5 checksum: 52260 1324db10b3374beb81b98032ba92e2b8

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_sparc.deb Size/MD5 checksum: 51580 6052b09bd8c4cb9600156b24f185122a http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_sparc.deb Size/MD5 checksum: 139570 2aa5b4d2d64849aa048489332f7e3aca http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_sparc.deb Size/MD5 checksum: 1561428 59199c965cba64d0aaf9a2de6c3432b6 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_sparc.deb Size/MD5 checksum: 84282 edec6a1d4af9df91f2d2b5c20553dbe9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_sparc.deb Size/MD5 checksum: 990474 e276a14d21a6d7661c91c3420c96e142 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_sparc.deb Size/MD5 checksum: 158256 d43c9657a710bb5969e704208502f59f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_sparc.deb Size/MD5 checksum: 78514 32c106b3332c95dd0f24d6cf5d208add http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_sparc.deb Size/MD5 checksum: 36020 751c12e8f83f04b5fd54d4a23abdf6fc

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHclSzXm3vHE4uyloRAqN4AJ446Cy9X2qGSIJqCKirOI2pWmEseACgygi1 mLr61xygMrJtafqG+L6vzQw= =Kaoc -----END PGP SIGNATURE----- .

The updated packages have been patched to correct these issues.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4045 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5849

Updated Packages:

Mandriva Linux 2007.0: e7b60799c6564dab2fac51c4f141dbe5 2007.0/i586/cups-1.2.4-1.6mdv2007.0.i586.rpm 4c32071aad3f9098ea2dd2f9a1b7cd49 2007.0/i586/cups-common-1.2.4-1.6mdv2007.0.i586.rpm 63d9a864863267cf2f4fddc02e095e06 2007.0/i586/cups-serial-1.2.4-1.6mdv2007.0.i586.rpm 1f4920904c759ce0e9abb3bbc8cdd594 2007.0/i586/libcups2-1.2.4-1.6mdv2007.0.i586.rpm b1ec7aa06c2be308ff9c2a63da1c7731 2007.0/i586/libcups2-devel-1.2.4-1.6mdv2007.0.i586.rpm f383e8d9d10ca981e447dd6a01ee851d 2007.0/i586/php-cups-1.2.4-1.6mdv2007.0.i586.rpm f79a5dfe12eb0645f787ad1112c21df6 2007.0/SRPMS/cups-1.2.4-1.6mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64: b7553d0c3fbc26b3701b141c9b83d4f3 2007.0/x86_64/cups-1.2.4-1.6mdv2007.0.x86_64.rpm 4a38d3105789f691876915a408b14238 2007.0/x86_64/cups-common-1.2.4-1.6mdv2007.0.x86_64.rpm 66f5f00ec62eda88ad3bcc4a7c1bb9f8 2007.0/x86_64/cups-serial-1.2.4-1.6mdv2007.0.x86_64.rpm 8cb823e9208e3318df6856d6f604e915 2007.0/x86_64/lib64cups2-1.2.4-1.6mdv2007.0.x86_64.rpm 87a2ecc7dea1d4df9dc375aaa08706df 2007.0/x86_64/lib64cups2-devel-1.2.4-1.6mdv2007.0.x86_64.rpm 80f26c35b1a9df435722fda1cbbf73a3 2007.0/x86_64/php-cups-1.2.4-1.6mdv2007.0.x86_64.rpm f79a5dfe12eb0645f787ad1112c21df6 2007.0/SRPMS/cups-1.2.4-1.6mdv2007.0.src.rpm

Mandriva Linux 2007.1: 211c3ad187609d5b780ff3fa5b49e444 2007.1/i586/cups-1.2.10-2.4mdv2007.1.i586.rpm 7d40f786123cf00358798508bb62d3d3 2007.1/i586/cups-common-1.2.10-2.4mdv2007.1.i586.rpm 0e5804893b2a9246b0e868c31b32b06b 2007.1/i586/cups-serial-1.2.10-2.4mdv2007.1.i586.rpm 338d3dec619d84e87f51bd7cfd16d8d2 2007.1/i586/libcups2-1.2.10-2.4mdv2007.1.i586.rpm 8db18206adc7d5e06791544156b055b3 2007.1/i586/libcups2-devel-1.2.10-2.4mdv2007.1.i586.rpm 62132f4112ac2b0a2d12774d29bec0cb 2007.1/i586/php-cups-1.2.10-2.4mdv2007.1.i586.rpm 4ba57d3741a92f13208328191a9a1778 2007.1/SRPMS/cups-1.2.10-2.4mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64: 8c149f4c10733c9a9111160ae59ad925 2007.1/x86_64/cups-1.2.10-2.4mdv2007.1.x86_64.rpm 4b1daf55b41af95a1cd84bebe942d560 2007.1/x86_64/cups-common-1.2.10-2.4mdv2007.1.x86_64.rpm 5c5ca12c2c1acc4d4dbabdd1a724c6b6 2007.1/x86_64/cups-serial-1.2.10-2.4mdv2007.1.x86_64.rpm c3b6080be7e3f4705a8a2a49bcffd444 2007.1/x86_64/lib64cups2-1.2.10-2.4mdv2007.1.x86_64.rpm e0b59e5053778c2ffa2f54e0b45d2d39 2007.1/x86_64/lib64cups2-devel-1.2.10-2.4mdv2007.1.x86_64.rpm f55015ed699bf755c426f543c1663c68 2007.1/x86_64/php-cups-1.2.10-2.4mdv2007.1.x86_64.rpm 4ba57d3741a92f13208328191a9a1778 2007.1/SRPMS/cups-1.2.10-2.4mdv2007.1.src.rpm

Mandriva Linux 2008.0: 5e6c08849a88b069afaa97a41e9e960e 2008.0/i586/cups-1.3.0-3.4mdv2008.0.i586.rpm 9572d60e8afebae8af024b1fe7209fb3 2008.0/i586/cups-common-1.3.0-3.4mdv2008.0.i586.rpm 3f289e765d786c9e10ea5cfc21f73f6b 2008.0/i586/cups-serial-1.3.0-3.4mdv2008.0.i586.rpm c0fd3de781ef4d6ed0f9e13cae53d883 2008.0/i586/libcups2-1.3.0-3.4mdv2008.0.i586.rpm 610b6e72c3c11c6015f8177701156351 2008.0/i586/libcups2-devel-1.3.0-3.4mdv2008.0.i586.rpm fb6ef9cab451a3133be7f76ba840b012 2008.0/i586/php-cups-1.3.0-3.4mdv2008.0.i586.rpm 188a7ec8777c3b4b31750580117a870e 2008.0/SRPMS/cups-1.3.0-3.4mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64: 402aea771b06142b45b722bff80f091e 2008.0/x86_64/cups-1.3.0-3.4mdv2008.0.x86_64.rpm f2455232cc2a9573ecec47ef56cdc597 2008.0/x86_64/cups-common-1.3.0-3.4mdv2008.0.x86_64.rpm 37a5555a41d6fb417b21939c805664f2 2008.0/x86_64/cups-serial-1.3.0-3.4mdv2008.0.x86_64.rpm ce9c705103f3818d9c5795c9870fe8ff 2008.0/x86_64/lib64cups2-1.3.0-3.4mdv2008.0.x86_64.rpm 69cbe40728e22cc75aec77357f1afd05 2008.0/x86_64/lib64cups2-devel-1.3.0-3.4mdv2008.0.x86_64.rpm 383988eb5c94bb74024fdf374cb3b2be 2008.0/x86_64/php-cups-1.3.0-3.4mdv2008.0.x86_64.rpm 188a7ec8777c3b4b31750580117a870e 2008.0/SRPMS/cups-1.3.0-3.4mdv2008.0.src.rpm

Corporate 3.0: 22d8969d906321fbee18c2bbc85588d3 corporate/3.0/i586/cups-1.1.20-5.15.C30mdk.i586.rpm 36304afe8bedfa972b100864a155c631 corporate/3.0/i586/cups-common-1.1.20-5.15.C30mdk.i586.rpm c769d1450268709318ca831aa61fb0e1 corporate/3.0/i586/cups-serial-1.1.20-5.15.C30mdk.i586.rpm add323f4e6d19502d1784d8170b56158 corporate/3.0/i586/libcups2-1.1.20-5.15.C30mdk.i586.rpm 1795159898f7d56792ccb5d2fa94f01d corporate/3.0/i586/libcups2-devel-1.1.20-5.15.C30mdk.i586.rpm 862992a50ff8f3311bc1e6a57e916f44 corporate/3.0/SRPMS/cups-1.1.20-5.15.C30mdk.src.rpm

Corporate 3.0/X86_64: 4cc49531ae7c6e30a6119a96fd6e2be7 corporate/3.0/x86_64/cups-1.1.20-5.15.C30mdk.x86_64.rpm d99c41a39764138480fd0498fc08dc86 corporate/3.0/x86_64/cups-common-1.1.20-5.15.C30mdk.x86_64.rpm 1217f6489b62f4f97272266a36ad1dcf corporate/3.0/x86_64/cups-serial-1.1.20-5.15.C30mdk.x86_64.rpm 37b559193f8165d5fb94f3dfb0a17002 corporate/3.0/x86_64/lib64cups2-1.1.20-5.15.C30mdk.x86_64.rpm 29f3155a705199ddc18d4f07151ee0e5 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.15.C30mdk.x86_64.rpm 862992a50ff8f3311bc1e6a57e916f44 corporate/3.0/SRPMS/cups-1.1.20-5.15.C30mdk.src.rpm

Corporate 4.0: 2ff282c107a464893dceecd702a49fbb corporate/4.0/i586/cups-1.2.4-0.6.20060mlcs4.i586.rpm d40e3334925c3dfeb4cf69c9a81279da corporate/4.0/i586/cups-common-1.2.4-0.6.20060mlcs4.i586.rpm c0cd1b083354931223532a3f66708796 corporate/4.0/i586/cups-serial-1.2.4-0.6.20060mlcs4.i586.rpm 2cbac22995a55e1f2a2775c9b2f993ef corporate/4.0/i586/libcups2-1.2.4-0.6.20060mlcs4.i586.rpm 6e2f4b34178fea2cf9fbc6d2ef23bb10 corporate/4.0/i586/libcups2-devel-1.2.4-0.6.20060mlcs4.i586.rpm 7013f9f6c6820f411bbece64eef74338 corporate/4.0/i586/php-cups-1.2.4-0.6.20060mlcs4.i586.rpm af983d1c74680e800bdc2cf9190a64d3 corporate/4.0/SRPMS/cups-1.2.4-0.6.20060mlcs4.src.rpm

Corporate 4.0/X86_64: 5b7647d72d7c6717fc66511d99dfb85d corporate/4.0/x86_64/cups-1.2.4-0.6.20060mlcs4.x86_64.rpm 4e2885508967804e2036312408b887a6 corporate/4.0/x86_64/cups-common-1.2.4-0.6.20060mlcs4.x86_64.rpm c2c7dcc9fe085e0763bfdb492fb75efc corporate/4.0/x86_64/cups-serial-1.2.4-0.6.20060mlcs4.x86_64.rpm 8638a23ea946526c960840507933c835 corporate/4.0/x86_64/lib64cups2-1.2.4-0.6.20060mlcs4.x86_64.rpm 856b172bc91bbd802a821a775d45b6c9 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.6.20060mlcs4.x86_64.rpm f97300e6f09ef8b08d1a0563a5c324f1 corporate/4.0/x86_64/php-cups-1.2.4-0.6.20060mlcs4.x86_64.rpm af983d1c74680e800bdc2cf9190a64d3 corporate/4.0/SRPMS/cups-1.2.4-0.6.20060mlcs4.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux)

iD8DBQFHqfERmqjQ0CJFipgRAjdGAKDHckN83/fyAlJvHgk69P50eexo2wCbBhR9 nEhVEeHY+sACGciJMKbk5+I= =Qgcw -----END PGP SIGNATURE----- .

Want a new job? http://secunia.com/secunia_vacancies/

Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/ http://secunia.com/Linux_Security_Specialist/

TITLE: Gentoo update for cups

SECUNIA ADVISORY ID: SA24660

VERIFY ADVISORY: http://secunia.com/advisories/24660/

CRITICAL: Less critical

IMPACT: DoS

WHERE:

From local network

OPERATING SYSTEM: Gentoo Linux 1.x http://secunia.com/product/339/

DESCRIPTION: Gentoo has issued an update for cups.

For more information: SA24517

SOLUTION: Update to "net-print/cups-1.2.9" or later.

ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-200703-28.xml

OTHER REFERENCES: SA24517: http://secunia.com/advisories/24517/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200712-0433",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "cups",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "easy products",
        "version": "1.2.12"
      },
      {
        "model": "cups",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "easy products",
        "version": "1.3.3"
      },
      {
        "model": "cups",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "easy products",
        "version": "1.2.9"
      },
      {
        "model": "cups",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "easy products",
        "version": "1.2.4"
      },
      {
        "model": "cups",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "easy products",
        "version": "1.2.10"
      },
      {
        "model": "cups",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "cups",
        "version": "1.3.4"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.1"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.5.1"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "7.10"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "7.10"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "7.10"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "7.10"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "7.04"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "7.04"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "7.04"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "7.04"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.10"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.10"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.10"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.10"
      },
      {
        "model": "linux lts sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "linux lts powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10.3"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.2"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2008.0"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2008.0"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.1"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.1"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.0"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.0"
      },
      {
        "model": "corporate server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "model": "corporate server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "3.0"
      },
      {
        "model": "corporate server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "3.0"
      },
      {
        "model": "corporate server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "software products cups",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "easy",
        "version": "1.3.3"
      },
      {
        "model": "software products cups",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "easy",
        "version": "1.2.12"
      },
      {
        "model": "software products cups",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "easy",
        "version": "1.2.10"
      },
      {
        "model": "software products cups",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "easy",
        "version": "1.2.9"
      },
      {
        "model": "software products cups",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "easy",
        "version": "1.2.4"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux mipsel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux m68k",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux hppa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "cups",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "1.3.5"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rpath",
        "version": "1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.11"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.10"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.9"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.8"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.3"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.11"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.10"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.9"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.7"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "26917"
      },
      {
        "db": "BID",
        "id": "26910"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-228"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5849"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.3.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.2.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.2.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.2.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-5849"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Wei Wang wei_wang@mcafee.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-228"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2007-5849",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2007-5849",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-29211",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2007-5849",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200712-228",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-29211",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29211"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-228"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5849"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow. Common UNIX Printing System (CUPS) is prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer. Failed exploit attempts will likely result in denial-of-service conditions. Apple Mac OS X is prone to multiple security vulnerabilities. \nThese issues affect Mac OS X and various applications, including Address Book, CFNetwork, ColorSync, CoreFoundation, CUPS, Desktop Services, iChat, IO Storage Family, Launch Services, Mail, Quick Look, Safari, Safari RSS, SMB, Software Update, Spin Tracer, Spotlight, tcpdump, and XQuery. \nAttackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and potentially compromise vulnerable computers. \nApple Mac OS X 10.5.1 and prior versions are vulnerable to these issues. Apple Common Unix Printing System (CUPS) is an open source printing system for OS X and Unix-like systems developed by Apple. The system is based on the Internet Printing Protocol (IPP) and provides most PostScript and raster printer services. There is a vulnerability when CUPS processes SNMP requests containing malformed data, and remote attackers may exploit this vulnerability to control the server. There is a symbol error in the asn1_get_string() function in the backend/snmp.c file of CUPS. =========================================================== \nUbuntu Security Notice USN-563-1           January 09, 2008\ncupsys vulnerabilities\nCVE-2007-5849, CVE-2007-6358\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  cupsys                          1.2.2-0ubuntu0.6.06.6\n\nUbuntu 6.10:\n  cupsys                          1.2.4-2ubuntu3.2\n\nUbuntu 7.04:\n  cupsys                          1.2.8-0ubuntu8.2\n\nUbuntu 7.10:\n  cupsys                          1.3.2-1ubuntu7.3\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6.diff.gz\n      Size/MD5:    96854 c42f659f650a9c0d81bdb4f8ba7004bf\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6.dsc\n      Size/MD5:     1049 01c4bd2466a668f82bc852b2658e3f24\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz\n      Size/MD5:  4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.6_all.deb\n      Size/MD5:      996 b0b0b7b1a5b04ac737c6c1c506bf0a1d\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_amd64.deb\n      Size/MD5:    36242 0d64ba11e2e59e2f089fdb40efed1565\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_amd64.deb\n      Size/MD5:    81910 3f9240a0ac855620f13662ecd48224d5\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_amd64.deb\n      Size/MD5:  2285594 073223e345043bfa56f5d173393cbbfe\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_amd64.deb\n      Size/MD5:     6094 dcb63118059086cdf2fe9f66eab3c9ab\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_amd64.deb\n      Size/MD5:    75942 d4483bb658545cbedcafa65e9a6ee045\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_amd64.deb\n      Size/MD5:    25746 39cf872611b0f62f54b38953374b1c01\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_amd64.deb\n      Size/MD5:   128784 dbf0ce78d28f3a62d2ef67074a04facb\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_i386.deb\n      Size/MD5:    34776 16593bfabe944044a1c0c87fd006111b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_i386.deb\n      Size/MD5:    77984 67af7dd120fda3fabd5bf1bcde0ecaa0\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_i386.deb\n      Size/MD5:  2253134 7d5f6f3d3343cf0f4873042947c3265f\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_i386.deb\n      Size/MD5:     6096 2b68e82e024d376d649cd3b3c14cf378\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_i386.deb\n      Size/MD5:    75008 b9b5873df6f6e12ca694404e0ae1397a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_i386.deb\n      Size/MD5:    25742 3d4a30e76a7ab05dddc49967c5af6206\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_i386.deb\n      Size/MD5:   121008 75fa970f801c819ca2e37f42ccda165a\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_powerpc.deb\n      Size/MD5:    40466 e078800e5e94fa64a451cdbb8414acc3\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_powerpc.deb\n      Size/MD5:    89536 b9a20806c2b91bd7370686ea3b8588da\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_powerpc.deb\n      Size/MD5:  2300252 9252b6866259c84e63ee4dba67083ed8\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_powerpc.deb\n      Size/MD5:     6096 4d677d45da127c45c81ce3889a9256a7\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_powerpc.deb\n      Size/MD5:    77702 2e05e968244b734744f1fce8ebfafb33\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_powerpc.deb\n      Size/MD5:    25752 9f7ba4ffc1c72e78047d983554e32512\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_powerpc.deb\n      Size/MD5:   126772 8246a4b5933201f0f247f30ab5a97944\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_sparc.deb\n      Size/MD5:    35396 9193306b04ba1d9bcf0d22225cc839e6\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_sparc.deb\n      Size/MD5:    78730 bce8c7563b87f3327a134c451364ce21\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_sparc.deb\n      Size/MD5:  2286800 833891fe2b553542324e93bb306c9da4\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_sparc.deb\n      Size/MD5:     6098 700ed2ed4032bae2bc5f7ad1b0938f65\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_sparc.deb\n      Size/MD5:    74964 84b65d7d0127cc488d2aed110b7d9086\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_sparc.deb\n      Size/MD5:    25740 fa32e9fe9c0d429a1159e41b07d5964f\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_sparc.deb\n      Size/MD5:   122514 1e818d01773b5bc86b9f56e8022d6863\n\nUpdated packages for Ubuntu 6.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2.diff.gz\n      Size/MD5:   110832 2971bd952368028e975fd00a20ce501b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2.dsc\n      Size/MD5:     1059 e98ea8935c9ceed519d111d32e552586\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4.orig.tar.gz\n      Size/MD5:  4091480 46722ad2dc78b12b5c05db2d080fe784\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.4-2ubuntu3.2_all.deb\n      Size/MD5:   869636 834405f963c7a9ce3b3d69f09e1805fe\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_amd64.deb\n      Size/MD5:    36710 d6b14470183b492c8a0695ae3cf5820d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_amd64.deb\n      Size/MD5:    82508 1f22c18ad0618cae8fd9b161debe997c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_amd64.deb\n      Size/MD5:  1480116 da71d67953ad08e275d92429aff51456\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_amd64.deb\n      Size/MD5:     6122 869caee45ed45ef339c86eb51a114920\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_amd64.deb\n      Size/MD5:    95102 8f5848eddffc362517e4ff676f835973\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_amd64.deb\n      Size/MD5:    26142 8ec6a04b1c0389911e1f1dc9e5377536\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_amd64.deb\n      Size/MD5:   171840 f8215cbe5fe52dd32a598cbc7f27a8a1\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_i386.deb\n      Size/MD5:    36264 c1ce097acea2435d13a0773986769641\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_i386.deb\n      Size/MD5:    80106 cbc3b76611aaece014e555a170dca185\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_i386.deb\n      Size/MD5:  1463248 4d326335153bdf16670b4d6b23309adb\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_i386.deb\n      Size/MD5:     6122 f3ee8c280dffbcb1be2e30087818fc12\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_i386.deb\n      Size/MD5:    94910 b56efddf07944953ee6c93a357392ab5\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_i386.deb\n      Size/MD5:    26140 062e3f1216765e325ed4bbc0dff04df5\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_i386.deb\n      Size/MD5:   168962 ff967163df3e0c10338ebccecf816fa2\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_powerpc.deb\n      Size/MD5:    41804 90c6b755b81eac7f64cffdc410781637\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_powerpc.deb\n      Size/MD5:    91146 93b16b2504ca56ca57ca562ccd109a42\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_powerpc.deb\n      Size/MD5:  1497758 d713cc8d5962474285cfcb8f4d5c9387\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_powerpc.deb\n      Size/MD5:     6126 61c3a759bc71ed557194b123ee547425\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_powerpc.deb\n      Size/MD5:    97286 e4da8af1c90ae24bd767317aa8cfcf4a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_powerpc.deb\n      Size/MD5:    26138 fcd8753ebf0b695dea0375e713a85ea2\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_powerpc.deb\n      Size/MD5:   172252 27806a56e06673bd3fe961f650939193\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_sparc.deb\n      Size/MD5:    36282 2b0888242ed98acf5f8214598a191ac4\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_sparc.deb\n      Size/MD5:    80234 819d971ba0a287fc39f8ffe60a8dea46\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_sparc.deb\n      Size/MD5:  1488822 33280b196dd0f5e372c01f679fa6b92a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_sparc.deb\n      Size/MD5:     6128 36f672bc145cc881f6ed0d501532c889\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_sparc.deb\n      Size/MD5:    94144 b270ae4767e5a5a4f664686c688e4c83\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_sparc.deb\n      Size/MD5:    26142 e951c05414d91657af1774951ff0b49c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_sparc.deb\n      Size/MD5:   168272 9c24a04995a400f1c868398d14b31740\n\nUpdated packages for Ubuntu 7.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2.diff.gz\n      Size/MD5:   155988 d5eeee8bb5b1be8f20732ddc15a146b7\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2.dsc\n      Size/MD5:     1143 0669aaa760ed047edc4f9a942882f01d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz\n      Size/MD5:  4293194 107affe95fcf1cd4aaed4a5c73f4b91f\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.2_all.deb\n      Size/MD5:   925994 663b23d61cc43e14a45a4079a1b53d14\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_amd64.deb\n      Size/MD5:    37404 c857fcb86cf6fbc5a1fe7dcb93bcfc9c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_amd64.deb\n      Size/MD5:    83234 cb15baea3370ad40ad903ecdd5c2a150\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_amd64.deb\n      Size/MD5:  1638028 f9e0e6d0ab30836134b18e68f515aa24\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_amd64.deb\n      Size/MD5:    56372 45a35748bebb147b1ece7fc2318fe5d5\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_amd64.deb\n      Size/MD5:   103904 3ec48e9e35555d39718da7dfa12296e1\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_amd64.deb\n      Size/MD5:   144844 d7a36d83f016f81978d77334df958abe\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_amd64.deb\n      Size/MD5:   181906 504d933b448fea5199083007de9def13\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_i386.deb\n      Size/MD5:    36728 a9d95dd94c95b39fba113bad0ba83d31\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_i386.deb\n      Size/MD5:    80756 002c4adb90d4aeb46f22cf043c2a3c5d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_i386.deb\n      Size/MD5:  1620614 dfd8630f8aa3bfc7a3603ab89376bbdc\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_i386.deb\n      Size/MD5:    55450 15f5048b3543a2506d1b65937c145c10\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_i386.deb\n      Size/MD5:   103602 621c142a15a018a53fb4e1c731dd6273\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_i386.deb\n      Size/MD5:   139324 45c10a2df595a6e2d911e2ff3ab4a405\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_i386.deb\n      Size/MD5:   178200 41745eaf4b7e638c6294c0c7d272e91b\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_powerpc.deb\n      Size/MD5:    46770 7b7c32c212787825b4c8ce5f23f11e9f\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_powerpc.deb\n      Size/MD5:   101104 8a64784b5b11dbd2633de705b6803702\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_powerpc.deb\n      Size/MD5:  1695072 a9a974ada7cab231ed81c03a91ddc6fa\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_powerpc.deb\n      Size/MD5:    56224 859a93733a404b6336815740c704cb31\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_powerpc.deb\n      Size/MD5:   109462 b57a9c49d5a186cb0a90ceff60fe3e0c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_powerpc.deb\n      Size/MD5:   141176 03a25641a1d1f0cc3daaff277fc9a1fe\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_powerpc.deb\n      Size/MD5:   187796 4f7930d31e79c8e80c3002305f628abb\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_sparc.deb\n      Size/MD5:    37776 4b82dbd83e2d0ab3b8a37a1819df2be0\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_sparc.deb\n      Size/MD5:    83754 ca7d3f04b938edf84d4495ee28401947\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_sparc.deb\n      Size/MD5:  1658640 516e63f4be8670977ede42a5931f84d1\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_sparc.deb\n      Size/MD5:    54742 c393dd034b59bdb312caa88e6e5a2518\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_sparc.deb\n      Size/MD5:   103154 cca146d09d3d96060aae19ed28c9bad0\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_sparc.deb\n      Size/MD5:   141756 8ac1af17f52affe05290eda3f632a5c2\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_sparc.deb\n      Size/MD5:   177460 7a2e8e00865878da7823113b9c82fe96\n\nUpdated packages for Ubuntu 7.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3.diff.gz\n      Size/MD5:   123551 3081910dc48c0bf26861c418898424e5\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3.dsc\n      Size/MD5:     1218 31f9a51331fdef642f68181a96e48b90\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz\n      Size/MD5:  4848424 9e3e1dee4d872fdff0682041198d3d73\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.3_all.deb\n      Size/MD5:  1080422 55bbe3cc2879bf863ea481de00a87d38\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_amd64.deb\n      Size/MD5:    37090 c208eccfeb8c01c9c9cf69d533e48875\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_amd64.deb\n      Size/MD5:    89264 d75e34c37e473f37049e9b8d56da85f9\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_amd64.deb\n      Size/MD5:  2033330 19317bd0287cd2ffb107a79cb10221b7\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_amd64.deb\n      Size/MD5:    59894 669b27a09c281c6627ac6f90cdaa9d6c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_amd64.deb\n      Size/MD5:    46744 3bf6625d4362c0b737f8092a5ce5d8f2\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_amd64.deb\n      Size/MD5:   152012 918fb853dabc5e4f9b01d141a700cdd6\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_amd64.deb\n      Size/MD5:   185064 9ba4383cca2c676c115f0896c4d3f7ac\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_i386.deb\n      Size/MD5:    36386 a9cc51dd1d0bfb023a1723094b5dc8fd\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_i386.deb\n      Size/MD5:    86266 a5a5f183b0072355dc7f6d7da0cc6150\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_i386.deb\n      Size/MD5:  2016958 1a403efd5824fdd4aabc01d6fd4be80d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_i386.deb\n      Size/MD5:    58630 05c449135359e5dff074bb09d35ab993\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_i386.deb\n      Size/MD5:    46096 190e2a501bcc471b47b19c0fab1e6faf\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_i386.deb\n      Size/MD5:   145700 6bace8671d4aabfb12981f35bf90e3fd\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_i386.deb\n      Size/MD5:   181864 48bdde0f8e4419ed820aad223f04a78e\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_powerpc.deb\n      Size/MD5:    46396 d418a342f7bcc3c62a00b6aaa91f6a55\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_powerpc.deb\n      Size/MD5:   107534 b5021ac12d34feaa894822833a80f96c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_powerpc.deb\n      Size/MD5:  2098076 ce2bbaac830121b2e332e1d6be7f2812\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_powerpc.deb\n      Size/MD5:    59338 a2e1ed47fc41b154279fa991d1b83b63\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_powerpc.deb\n      Size/MD5:    51684 5dc5292ba6c5957c6906a1ec10425389\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_powerpc.deb\n      Size/MD5:   146958 ca1a231a2fead08a3a291a98016ad164\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_powerpc.deb\n      Size/MD5:   190810 df39b95fd46271a4102fa86991687d87\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_sparc.deb\n      Size/MD5:    37476 ad024b3c304fddd547f73533c2af353e\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_sparc.deb\n      Size/MD5:    89402 d43d4d7730511ae01ada631e49a33386\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_sparc.deb\n      Size/MD5:  2059212 5d8c784938e35c99434a9aeec756c7f0\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_sparc.deb\n      Size/MD5:    57890 c16d91ecc08a9f644a4702694f061948\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_sparc.deb\n      Size/MD5:    45426 9b43f0207dc35329c6b68a00f9470b27\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_sparc.deb\n      Size/MD5:   148480 6475be7a82a097f3d1e650f2e1b34e4a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_sparc.deb\n      Size/MD5:   180882 aa0f56882aee8a313019fd9806cb96e2\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200712-14\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: High\n     Title: CUPS: Multiple vulnerabilities\n      Date: December 18, 2007\n      Bugs: #199195, #201042, #201570\n        ID: 200712-14\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in CUPS, allowing for the\nremote execution of arbitrary code and a Denial of Service. \n\nBackground\n==========\n\nCUPS provides a portable printing layer for UNIX-based operating\nsystems. The alternate pdftops filter is a CUPS filter used to convert\nPDF files to the Postscript format via Poppler; the filter is installed\nby default in Gentoo Linux. Elias Pipping (Gentoo) discovered that the alternate\npdftops filter creates temporary files with predictable file names when\nreading from standard input (CVE-2007-6358). Furthermore, the\nresolution of a Denial of Service vulnerability covered in GLSA\n200703-28 introduced another Denial of Service vulnerability within SSL\nhandling (CVE-2007-4045). A local attacker could exploit the second\nvulnerability to overwrite arbitrary files with the privileges of the\nuser running the CUPS spooler (usually lp) by using symlink attacks. A\nremote attacker could cause a Denial of Service condition via the third\nvulnerability when SSL is enabled in CUPS. \n\nWorkaround\n==========\n\nTo disable SNMP support in CUPS, you have have to manually delete the\nfile \"/usr/libexec/cups/backend/snmp\". Please note that the file is\nreinstalled if you merge CUPS again later. To disable the pdftops\nfilter, delete all lines referencing \"pdftops\" in CUPS\u0027 \"mime.convs\"\nconfiguration file. To work around the third vulnerability, disable SSL\nsupport via the corresponding USE flag. \n\nResolution\n==========\n\nAll CUPS users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=net-print/cups-1.2.12-r4\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2007-4045\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4045\n  [ 2 ] CVE-2007-5849\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5849\n  [ 3 ] CVE-2007-6358\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6358\n  [ 4 ] GLSA 200703-28\n        http://www.gentoo.org/security/en/glsa/glsa-200703-28.xml\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200712-14.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\nBackground\n==========\n\nAMD64 x86 emulation base libraries provides pre-compiled 32-bit\nlibraries. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-emulation/emul-linux-x86-baselibs\n                               \u003c 20140406-r1           \u003e= 20140406-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in AMD64 x86 emulation\nbase libraries. Please review the CVE identifiers referenced below for\ndetails. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. They are included in this advisory for the\nsake of completeness. It is likely that your system is already no\nlonger affected by them. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1437-1                  security@debian.org\nhttp://www.debian.org/security/                       Moritz Muehlenhoff\nDecember 26, 2007                     http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage        : cupsys\nVulnerability  : several\nProblem type   : local\nDebian-specific: no\nCVE Id(s)      : CVE-2007-5849 CVE-2007-6358\n\nSeveral local vulnerabilities have been discovered in the Common UNIX\nPrinting System. \n    This vulnerability is not exploitable in the default configuration. \n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.2.7-4etch2. \n\nThe old stable distribution (sarge) is not affected by CVE-2007-5849. \nThe other issue doesn\u0027t warrant an update on it\u0027s own and has been\npostponed. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.3.5-1. \n\nWe recommend that you upgrade your cupsys packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2.dsc\n    Size/MD5 checksum:     1084 7eda7d3797d141d174e163f837cd91b4\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz\n    Size/MD5 checksum:  4214272 c9ba33356e5bb93efbcf77b6e142e498\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2.diff.gz\n    Size/MD5 checksum:   103089 a856a1ff975042783cb87f23d15e5b3a\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch2_all.deb\n    Size/MD5 checksum:    45246 3216cd80859aa97b7c8c5774b2462db2\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch2_all.deb\n    Size/MD5 checksum:   893020 28b90e7e58400b9216f72cecf7de0d4a\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_alpha.deb\n    Size/MD5 checksum:  1096542 686386cd43230708d49cea4af0d57b9f\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_alpha.deb\n    Size/MD5 checksum:    94468 32d1efdef788039ac00ed1e57a6fcc47\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_alpha.deb\n    Size/MD5 checksum:  1608840 d042363f0999e1f11939e3f5e8de8b38\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_alpha.deb\n    Size/MD5 checksum:    72432 5e43d1208715258c4ff09dcee0fa4081\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_alpha.deb\n    Size/MD5 checksum:    86284 dca9ccc53cb8fcf7b8e1a44b8e76a6ad\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_alpha.deb\n    Size/MD5 checksum:   184372 cb6c4f2c2a08ccc55c25c35d039fe400\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_alpha.deb\n    Size/MD5 checksum:    39260 cdfc7a39f71c1aed6973a2956cf8749d\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_alpha.deb\n    Size/MD5 checksum:   174608 e2c1ebf86bfc9f538a640c8ea385330f\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_amd64.deb\n    Size/MD5 checksum:   142552 60167bc344afbaa54904b295c78def9c\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_amd64.deb\n    Size/MD5 checksum:    36366 3feca5f614aca7d527b1beba01462f6e\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_amd64.deb\n    Size/MD5 checksum:   161666 65ebf0f70d842eeb8adc309946357b4d\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_amd64.deb\n    Size/MD5 checksum:    85314 0be1f821b4880c7a4b83cd7779edbce4\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_amd64.deb\n    Size/MD5 checksum:    80704 26db3ea2f4aee728ead9ffba2686b827\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_amd64.deb\n    Size/MD5 checksum:  1574360 3a1e7f5f6a8766a1f89aa65fc47c5d72\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_amd64.deb\n    Size/MD5 checksum:    52862 3e8caecdc231fcded29f0029b76019a8\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_amd64.deb\n    Size/MD5 checksum:  1085694 235f96f3c07947ab11cd4222490441f0\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_arm.deb\n    Size/MD5 checksum:    48532 08ce8a9c2d9edf30a381ddc34073c397\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_arm.deb\n    Size/MD5 checksum:  1025036 c3165815ab4292c0b200176c4c0ad7d6\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_arm.deb\n    Size/MD5 checksum:    35924 02c6ebde8deb0fcb39074deb5895b95b\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_arm.deb\n    Size/MD5 checksum:    78912 33627a4c4e1dd3b4001f165cfda64259\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_arm.deb\n    Size/MD5 checksum:   132054 c4e04d8fb763e599931f3cb0207d84cb\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_arm.deb\n    Size/MD5 checksum:   154314 0dcbd01293a5a0925af776bc0d6490fa\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_arm.deb\n    Size/MD5 checksum:    84494 66ff0b8a8b07d0faddee758806e044be\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_arm.deb\n    Size/MD5 checksum:  1568356 725c88c2ac3737a0a323e82a5877f8f9\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_hppa.deb\n    Size/MD5 checksum:    39264 528456372ac16c6dc257d2672a24cc84\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_hppa.deb\n    Size/MD5 checksum:    85260 60da86a4e6b72d49f3c405cda6eaaa33\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_hppa.deb\n    Size/MD5 checksum:    90316 7d7093a9bca7c6ee4a190eaea715cf1f\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_hppa.deb\n    Size/MD5 checksum:    57026 7e78c5bf532b9761b6ebc290c4c24b94\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_hppa.deb\n    Size/MD5 checksum:   171548 37bfd1849d459be20f5df6da4d0e8f19\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_hppa.deb\n    Size/MD5 checksum:  1611932 3a3e91d8c878c6ec42a99d1bfacbafac\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_hppa.deb\n    Size/MD5 checksum:   154600 fc87ba725d54223245d9cb71777307a7\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_hppa.deb\n    Size/MD5 checksum:  1031728 cdcfb63a3a2200f4ca36aa0d530c32d9\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_i386.deb\n    Size/MD5 checksum:    53068 e28d98e95a5e543991b996e84d028863\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_i386.deb\n    Size/MD5 checksum:   138280 28df76637f6b23d98ec81f6a7bf2b6ba\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_i386.deb\n    Size/MD5 checksum:   159796 fa2db05d879ce293041be45683febe8b\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_i386.deb\n    Size/MD5 checksum:  1547840 6d7396410919ae7207d3d9aadfb5026f\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_i386.deb\n    Size/MD5 checksum:    79880 c392020f91e2901d4122ef6a1fa08fed\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_i386.deb\n    Size/MD5 checksum:    85778 a11291b1a834d42ba160fb8d92db0c3a\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_i386.deb\n    Size/MD5 checksum:   997490 0d91574ed291678037351dd0a32f445f\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_i386.deb\n    Size/MD5 checksum:    36476 ee84ce1774c646915ba410dadcda3470\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_ia64.deb\n    Size/MD5 checksum:  1107194 dc683bec9dcfffc4a1e020b2859e1fab\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_ia64.deb\n    Size/MD5 checksum:   106228 db41cfc57bf2d43da703285f9790344c\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_ia64.deb\n    Size/MD5 checksum:    46332 f52d7a07c6acf6613da1ae43f64b8ef7\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_ia64.deb\n    Size/MD5 checksum:   203378 9da06426a99702d4485b528d542b666d\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_ia64.deb\n    Size/MD5 checksum:   105872 cd243300f6b804b2501e5681401c574e\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_ia64.deb\n    Size/MD5 checksum:    73934 b3618bd2d5b1de8371ea56301312ef3a\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_ia64.deb\n    Size/MD5 checksum:   192368 35aba3be08e6a72b54617bb666b12d4c\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_ia64.deb\n    Size/MD5 checksum:  1769808 8d0ab1028149cabd9d946c44cf4d4f86\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_mips.deb\n    Size/MD5 checksum:    77158 5302b4e5edb3d0d7733481eaabdbddcf\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_mips.deb\n    Size/MD5 checksum:    85874 d6beacabf8db05137b4c4357ea7557e9\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_mips.deb\n    Size/MD5 checksum:   157884 d0f4ed5d1da24041179f9f2697f2ffcb\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_mips.deb\n    Size/MD5 checksum:  1096124 feea35b2ae01af3b06ee3ce8a854324e\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_mips.deb\n    Size/MD5 checksum:    35968 0bb0b6c1018c466326b6406de4af093e\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_mips.deb\n    Size/MD5 checksum:   150766 ff55f24b0b36722265644252857d8b5c\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_mips.deb\n    Size/MD5 checksum:  1550792 97167182293fc8400cb9fefffc3670e7\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_mips.deb\n    Size/MD5 checksum:    57384 b2473f40bde45105c0bdec916ff93cdb\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_mipsel.deb\n    Size/MD5 checksum:    86054 f78f586a8f15727e28c67bca58caaa26\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_mipsel.deb\n    Size/MD5 checksum:  1552410 94190014545b85b403a21e97d9901776\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_mipsel.deb\n    Size/MD5 checksum:   157716 e0bd0f1e90b1124b1441bc1f313a7764\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_mipsel.deb\n    Size/MD5 checksum:  1083814 a5968478d72e11f19d4e019d3095e51f\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_mipsel.deb\n    Size/MD5 checksum:    36068 363ff5b0694c2fef407a92dea1ba1c4e\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_mipsel.deb\n    Size/MD5 checksum:    77458 db7144590602bf3cf25cba5fdce485a8\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_mipsel.deb\n    Size/MD5 checksum:    57700 04626a4cb44728ea61bcb7f8d8ddc1ed\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_mipsel.deb\n    Size/MD5 checksum:   150902 f3cb4f6ca36503d7b70aab6d559199d2\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_powerpc.deb\n    Size/MD5 checksum:    51792 e89680c8a9b4851ebb5ad0d304e6bbb7\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_powerpc.deb\n    Size/MD5 checksum:    90002 ce367709844a87951f810524aadfea4c\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_powerpc.deb\n    Size/MD5 checksum:   136864 0aabc007ab84b86a77f6c601ba8d44fd\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_powerpc.deb\n    Size/MD5 checksum:    87576 f18bba76c873a6238e78a80182c0cd38\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_powerpc.deb\n    Size/MD5 checksum:  1575144 506c85d9a8b03be737ccb8dd3fd31248\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_powerpc.deb\n    Size/MD5 checksum:  1141712 b6ab866de7c8c6f2051c2a813003a722\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_powerpc.deb\n    Size/MD5 checksum:   162358 08096969b7e8ef48d2ece9a86600004a\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_powerpc.deb\n    Size/MD5 checksum:    41290 b7eb0528a3b1b8bd07247fd9e16b76c2\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_s390.deb\n    Size/MD5 checksum:  1586292 01001ec68f5ff6a090ebff3099265be0\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_s390.deb\n    Size/MD5 checksum:  1035680 081c5ca040751dc4ec59d2a83289099c\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_s390.deb\n    Size/MD5 checksum:    86854 5011337fee7f4dcfb62a6c95f7054e98\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_s390.deb\n    Size/MD5 checksum:    37422 731fb2009fa3cf47e270c35348d2e3e4\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_s390.deb\n    Size/MD5 checksum:    82338 4f93e2f975642addd238eecf78a94779\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_s390.deb\n    Size/MD5 checksum:   165816 c69411004d08763f1b86a5d517592fc7\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_s390.deb\n    Size/MD5 checksum:   144946 74bca185776b08ac50a9abcc17019e68\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_s390.deb\n    Size/MD5 checksum:    52260 1324db10b3374beb81b98032ba92e2b8\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_sparc.deb\n    Size/MD5 checksum:    51580 6052b09bd8c4cb9600156b24f185122a\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_sparc.deb\n    Size/MD5 checksum:   139570 2aa5b4d2d64849aa048489332f7e3aca\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_sparc.deb\n    Size/MD5 checksum:  1561428 59199c965cba64d0aaf9a2de6c3432b6\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_sparc.deb\n    Size/MD5 checksum:    84282 edec6a1d4af9df91f2d2b5c20553dbe9\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_sparc.deb\n    Size/MD5 checksum:   990474 e276a14d21a6d7661c91c3420c96e142\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_sparc.deb\n    Size/MD5 checksum:   158256 d43c9657a710bb5969e704208502f59f\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_sparc.deb\n    Size/MD5 checksum:    78514 32c106b3332c95dd0f24d6cf5d208add\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_sparc.deb\n    Size/MD5 checksum:    36020 751c12e8f83f04b5fd54d4a23abdf6fc\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFHclSzXm3vHE4uyloRAqN4AJ446Cy9X2qGSIJqCKirOI2pWmEseACgygi1\nmLr61xygMrJtafqG+L6vzQw=\n=Kaoc\n-----END PGP SIGNATURE-----\n. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4045\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5849\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n e7b60799c6564dab2fac51c4f141dbe5  2007.0/i586/cups-1.2.4-1.6mdv2007.0.i586.rpm\n 4c32071aad3f9098ea2dd2f9a1b7cd49  2007.0/i586/cups-common-1.2.4-1.6mdv2007.0.i586.rpm\n 63d9a864863267cf2f4fddc02e095e06  2007.0/i586/cups-serial-1.2.4-1.6mdv2007.0.i586.rpm\n 1f4920904c759ce0e9abb3bbc8cdd594  2007.0/i586/libcups2-1.2.4-1.6mdv2007.0.i586.rpm\n b1ec7aa06c2be308ff9c2a63da1c7731  2007.0/i586/libcups2-devel-1.2.4-1.6mdv2007.0.i586.rpm\n f383e8d9d10ca981e447dd6a01ee851d  2007.0/i586/php-cups-1.2.4-1.6mdv2007.0.i586.rpm \n f79a5dfe12eb0645f787ad1112c21df6  2007.0/SRPMS/cups-1.2.4-1.6mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n b7553d0c3fbc26b3701b141c9b83d4f3  2007.0/x86_64/cups-1.2.4-1.6mdv2007.0.x86_64.rpm\n 4a38d3105789f691876915a408b14238  2007.0/x86_64/cups-common-1.2.4-1.6mdv2007.0.x86_64.rpm\n 66f5f00ec62eda88ad3bcc4a7c1bb9f8  2007.0/x86_64/cups-serial-1.2.4-1.6mdv2007.0.x86_64.rpm\n 8cb823e9208e3318df6856d6f604e915  2007.0/x86_64/lib64cups2-1.2.4-1.6mdv2007.0.x86_64.rpm\n 87a2ecc7dea1d4df9dc375aaa08706df  2007.0/x86_64/lib64cups2-devel-1.2.4-1.6mdv2007.0.x86_64.rpm\n 80f26c35b1a9df435722fda1cbbf73a3  2007.0/x86_64/php-cups-1.2.4-1.6mdv2007.0.x86_64.rpm \n f79a5dfe12eb0645f787ad1112c21df6  2007.0/SRPMS/cups-1.2.4-1.6mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n 211c3ad187609d5b780ff3fa5b49e444  2007.1/i586/cups-1.2.10-2.4mdv2007.1.i586.rpm\n 7d40f786123cf00358798508bb62d3d3  2007.1/i586/cups-common-1.2.10-2.4mdv2007.1.i586.rpm\n 0e5804893b2a9246b0e868c31b32b06b  2007.1/i586/cups-serial-1.2.10-2.4mdv2007.1.i586.rpm\n 338d3dec619d84e87f51bd7cfd16d8d2  2007.1/i586/libcups2-1.2.10-2.4mdv2007.1.i586.rpm\n 8db18206adc7d5e06791544156b055b3  2007.1/i586/libcups2-devel-1.2.10-2.4mdv2007.1.i586.rpm\n 62132f4112ac2b0a2d12774d29bec0cb  2007.1/i586/php-cups-1.2.10-2.4mdv2007.1.i586.rpm \n 4ba57d3741a92f13208328191a9a1778  2007.1/SRPMS/cups-1.2.10-2.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 8c149f4c10733c9a9111160ae59ad925  2007.1/x86_64/cups-1.2.10-2.4mdv2007.1.x86_64.rpm\n 4b1daf55b41af95a1cd84bebe942d560  2007.1/x86_64/cups-common-1.2.10-2.4mdv2007.1.x86_64.rpm\n 5c5ca12c2c1acc4d4dbabdd1a724c6b6  2007.1/x86_64/cups-serial-1.2.10-2.4mdv2007.1.x86_64.rpm\n c3b6080be7e3f4705a8a2a49bcffd444  2007.1/x86_64/lib64cups2-1.2.10-2.4mdv2007.1.x86_64.rpm\n e0b59e5053778c2ffa2f54e0b45d2d39  2007.1/x86_64/lib64cups2-devel-1.2.10-2.4mdv2007.1.x86_64.rpm\n f55015ed699bf755c426f543c1663c68  2007.1/x86_64/php-cups-1.2.10-2.4mdv2007.1.x86_64.rpm \n 4ba57d3741a92f13208328191a9a1778  2007.1/SRPMS/cups-1.2.10-2.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 5e6c08849a88b069afaa97a41e9e960e  2008.0/i586/cups-1.3.0-3.4mdv2008.0.i586.rpm\n 9572d60e8afebae8af024b1fe7209fb3  2008.0/i586/cups-common-1.3.0-3.4mdv2008.0.i586.rpm\n 3f289e765d786c9e10ea5cfc21f73f6b  2008.0/i586/cups-serial-1.3.0-3.4mdv2008.0.i586.rpm\n c0fd3de781ef4d6ed0f9e13cae53d883  2008.0/i586/libcups2-1.3.0-3.4mdv2008.0.i586.rpm\n 610b6e72c3c11c6015f8177701156351  2008.0/i586/libcups2-devel-1.3.0-3.4mdv2008.0.i586.rpm\n fb6ef9cab451a3133be7f76ba840b012  2008.0/i586/php-cups-1.3.0-3.4mdv2008.0.i586.rpm \n 188a7ec8777c3b4b31750580117a870e  2008.0/SRPMS/cups-1.3.0-3.4mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 402aea771b06142b45b722bff80f091e  2008.0/x86_64/cups-1.3.0-3.4mdv2008.0.x86_64.rpm\n f2455232cc2a9573ecec47ef56cdc597  2008.0/x86_64/cups-common-1.3.0-3.4mdv2008.0.x86_64.rpm\n 37a5555a41d6fb417b21939c805664f2  2008.0/x86_64/cups-serial-1.3.0-3.4mdv2008.0.x86_64.rpm\n ce9c705103f3818d9c5795c9870fe8ff  2008.0/x86_64/lib64cups2-1.3.0-3.4mdv2008.0.x86_64.rpm\n 69cbe40728e22cc75aec77357f1afd05  2008.0/x86_64/lib64cups2-devel-1.3.0-3.4mdv2008.0.x86_64.rpm\n 383988eb5c94bb74024fdf374cb3b2be  2008.0/x86_64/php-cups-1.3.0-3.4mdv2008.0.x86_64.rpm \n 188a7ec8777c3b4b31750580117a870e  2008.0/SRPMS/cups-1.3.0-3.4mdv2008.0.src.rpm\n\n Corporate 3.0:\n 22d8969d906321fbee18c2bbc85588d3  corporate/3.0/i586/cups-1.1.20-5.15.C30mdk.i586.rpm\n 36304afe8bedfa972b100864a155c631  corporate/3.0/i586/cups-common-1.1.20-5.15.C30mdk.i586.rpm\n c769d1450268709318ca831aa61fb0e1  corporate/3.0/i586/cups-serial-1.1.20-5.15.C30mdk.i586.rpm\n add323f4e6d19502d1784d8170b56158  corporate/3.0/i586/libcups2-1.1.20-5.15.C30mdk.i586.rpm\n 1795159898f7d56792ccb5d2fa94f01d  corporate/3.0/i586/libcups2-devel-1.1.20-5.15.C30mdk.i586.rpm \n 862992a50ff8f3311bc1e6a57e916f44  corporate/3.0/SRPMS/cups-1.1.20-5.15.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 4cc49531ae7c6e30a6119a96fd6e2be7  corporate/3.0/x86_64/cups-1.1.20-5.15.C30mdk.x86_64.rpm\n d99c41a39764138480fd0498fc08dc86  corporate/3.0/x86_64/cups-common-1.1.20-5.15.C30mdk.x86_64.rpm\n 1217f6489b62f4f97272266a36ad1dcf  corporate/3.0/x86_64/cups-serial-1.1.20-5.15.C30mdk.x86_64.rpm\n 37b559193f8165d5fb94f3dfb0a17002  corporate/3.0/x86_64/lib64cups2-1.1.20-5.15.C30mdk.x86_64.rpm\n 29f3155a705199ddc18d4f07151ee0e5  corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.15.C30mdk.x86_64.rpm \n 862992a50ff8f3311bc1e6a57e916f44  corporate/3.0/SRPMS/cups-1.1.20-5.15.C30mdk.src.rpm\n\n Corporate 4.0:\n 2ff282c107a464893dceecd702a49fbb  corporate/4.0/i586/cups-1.2.4-0.6.20060mlcs4.i586.rpm\n d40e3334925c3dfeb4cf69c9a81279da  corporate/4.0/i586/cups-common-1.2.4-0.6.20060mlcs4.i586.rpm\n c0cd1b083354931223532a3f66708796  corporate/4.0/i586/cups-serial-1.2.4-0.6.20060mlcs4.i586.rpm\n 2cbac22995a55e1f2a2775c9b2f993ef  corporate/4.0/i586/libcups2-1.2.4-0.6.20060mlcs4.i586.rpm\n 6e2f4b34178fea2cf9fbc6d2ef23bb10  corporate/4.0/i586/libcups2-devel-1.2.4-0.6.20060mlcs4.i586.rpm\n 7013f9f6c6820f411bbece64eef74338  corporate/4.0/i586/php-cups-1.2.4-0.6.20060mlcs4.i586.rpm \n af983d1c74680e800bdc2cf9190a64d3  corporate/4.0/SRPMS/cups-1.2.4-0.6.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 5b7647d72d7c6717fc66511d99dfb85d  corporate/4.0/x86_64/cups-1.2.4-0.6.20060mlcs4.x86_64.rpm\n 4e2885508967804e2036312408b887a6  corporate/4.0/x86_64/cups-common-1.2.4-0.6.20060mlcs4.x86_64.rpm\n c2c7dcc9fe085e0763bfdb492fb75efc  corporate/4.0/x86_64/cups-serial-1.2.4-0.6.20060mlcs4.x86_64.rpm\n 8638a23ea946526c960840507933c835  corporate/4.0/x86_64/lib64cups2-1.2.4-0.6.20060mlcs4.x86_64.rpm\n 856b172bc91bbd802a821a775d45b6c9  corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.6.20060mlcs4.x86_64.rpm\n f97300e6f09ef8b08d1a0563a5c324f1  corporate/4.0/x86_64/php-cups-1.2.4-0.6.20060mlcs4.x86_64.rpm \n af983d1c74680e800bdc2cf9190a64d3  corporate/4.0/SRPMS/cups-1.2.4-0.6.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.8 (GNU/Linux)\n\niD8DBQFHqfERmqjQ0CJFipgRAjdGAKDHckN83/fyAlJvHgk69P50eexo2wCbBhR9\nnEhVEeHY+sACGciJMKbk5+I=\n=Qgcw\n-----END PGP SIGNATURE-----\n. \n\n----------------------------------------------------------------------\n\nWant a new job?\nhttp://secunia.com/secunia_vacancies/\n\nSecunia is looking for new researchers with a reversing background\nand experience in writing exploit code:\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\nhttp://secunia.com/Disassembling_og_Reversing/\nhttp://secunia.com/Linux_Security_Specialist/\n\n----------------------------------------------------------------------\n\nTITLE:\nGentoo update for cups\n\nSECUNIA ADVISORY ID:\nSA24660\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24660/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nGentoo Linux 1.x\nhttp://secunia.com/product/339/\n\nDESCRIPTION:\nGentoo has issued an update for cups. \n\nFor more information:\nSA24517\n\nSOLUTION:\nUpdate to \"net-print/cups-1.2.9\" or later. \n\nORIGINAL ADVISORY:\nhttp://www.gentoo.org/security/en/glsa/glsa-200703-28.xml\n\nOTHER REFERENCES:\nSA24517:\nhttp://secunia.com/advisories/24517/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-5849"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      },
      {
        "db": "BID",
        "id": "26917"
      },
      {
        "db": "BID",
        "id": "26910"
      },
      {
        "db": "VULHUB",
        "id": "VHN-29211"
      },
      {
        "db": "PACKETSTORM",
        "id": "62438"
      },
      {
        "db": "PACKETSTORM",
        "id": "61924"
      },
      {
        "db": "PACKETSTORM",
        "id": "129524"
      },
      {
        "db": "PACKETSTORM",
        "id": "62119"
      },
      {
        "db": "PACKETSTORM",
        "id": "63345"
      },
      {
        "db": "PACKETSTORM",
        "id": "55530"
      }
    ],
    "trust": 2.79
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-29211",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29211"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-5849",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "26917",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "28129",
        "trust": 2.5
      },
      {
        "db": "USCERT",
        "id": "TA07-352A",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "26910",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "28636",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "28200",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "28441",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "28136",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "28113",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "28386",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "28676",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-4238",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-4242",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "39101",
        "trust": 1.4
      },
      {
        "db": "USCERT",
        "id": "SA07-352A",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001044",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "1",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "39097",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "11341\u203b11310",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "11341",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "11310",
        "trust": 0.6
      },
      {
        "db": "DEBIAN",
        "id": "DSA-1437",
        "trust": 0.6
      },
      {
        "db": "UBUNTU",
        "id": "USN-563-1",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2007-12-17",
        "trust": 0.6
      },
      {
        "db": "SUSE",
        "id": "SUSE-SA:2008:002",
        "trust": 0.6
      },
      {
        "db": "SUSE",
        "id": "SUSE-SR:2008:002",
        "trust": 0.6
      },
      {
        "db": "CERT/CC",
        "id": "TA07-352A",
        "trust": 0.6
      },
      {
        "db": "FEDORA",
        "id": "FEDORA-2008-0322",
        "trust": 0.6
      },
      {
        "db": "GENTOO",
        "id": "GLSA-200712-14",
        "trust": 0.6
      },
      {
        "db": "MANDRIVA",
        "id": "MDVSA-2008:036",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-228",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "62438",
        "trust": 0.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "30898",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-84256",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-29211",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "61924",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "129524",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "62119",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "63345",
        "trust": 0.1
      },
      {
        "db": "SECUNIA",
        "id": "24660",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "55530",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29211"
      },
      {
        "db": "BID",
        "id": "26917"
      },
      {
        "db": "BID",
        "id": "26910"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      },
      {
        "db": "PACKETSTORM",
        "id": "62438"
      },
      {
        "db": "PACKETSTORM",
        "id": "61924"
      },
      {
        "db": "PACKETSTORM",
        "id": "129524"
      },
      {
        "db": "PACKETSTORM",
        "id": "62119"
      },
      {
        "db": "PACKETSTORM",
        "id": "63345"
      },
      {
        "db": "PACKETSTORM",
        "id": "55530"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-228"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5849"
      }
    ]
  },
  "id": "VAR-200712-0433",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29211"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-07-23T21:40:50.122000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security Update 2007-009",
        "trust": 0.8,
        "url": "http://docs.info.apple.com/article.html?artnum=307179-en"
      },
      {
        "title": "Security Update 2007-009",
        "trust": 0.8,
        "url": "http://docs.info.apple.com/article.html?artnum=307179-ja"
      },
      {
        "title": "STR #2589",
        "trust": 0.8,
        "url": "http://www.cups.org/str.php?l2589"
      },
      {
        "title": "TA07-352A",
        "trust": 0.8,
        "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta07-352a.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-189",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29211"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5849"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/26917"
      },
      {
        "trust": 2.5,
        "url": "http://www.us-cert.gov/cas/techalerts/ta07-352a.html"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/28129"
      },
      {
        "trust": 2.0,
        "url": "http://www.cups.org/str.php?l2589"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00002.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/26910"
      },
      {
        "trust": 1.7,
        "url": "http://bugs.gentoo.org/show_bug.cgi?id=201570"
      },
      {
        "trust": 1.7,
        "url": "http://docs.info.apple.com/article.html?artnum=307179"
      },
      {
        "trust": 1.7,
        "url": "http://www.debian.org/security/2007/dsa-1437"
      },
      {
        "trust": 1.7,
        "url": "https://www.redhat.com/archives/fedora-package-announce/2008-january/msg00908.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
      },
      {
        "trust": 1.7,
        "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:036"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/28113"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/28136"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/28200"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/28386"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/28441"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/28636"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/28676"
      },
      {
        "trust": 1.7,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.ubuntu.com/usn/usn-563-1"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2007/4242"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2007/4238"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/39101"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/4238"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/4242"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39101"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39097"
      },
      {
        "trust": 1.0,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5849"
      },
      {
        "trust": 0.9,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5849"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta07-352a/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/tr/trta07-352a/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.us-cert.gov/cas/alerts/sa07-352a.html"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/39097"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/11341\u203b11310"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5849"
      },
      {
        "trust": 0.3,
        "url": "http://www.cups.org/index.php"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/macosx/"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6358"
      },
      {
        "trust": 0.2,
        "url": "http://bugs.gentoo.org."
      },
      {
        "trust": 0.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4045"
      },
      {
        "trust": 0.2,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.2,
        "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-28.xml"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4045"
      },
      {
        "trust": 0.2,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.6_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.4-2ubuntu3.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.2_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.4-2ubuntu3.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.4-2ubuntu3.2.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.4-2ubuntu3.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.4-2ubuntu3.2_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.4-2ubuntu3.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.4-2ubuntu3.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.4-2ubuntu3.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6358"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/glsa/glsa-200712-14.xml"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5116"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-2741"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5135"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0160"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2026"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5268"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3108"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5266"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-2445"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0338"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1536"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-3108"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1969"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-1536"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5266"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2741"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1664"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0338"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/glsa/glsa-201412-11.xml"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-2026"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-0720"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2877"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5135"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0339"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1969"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2445"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1205"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0720"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4995"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4995"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2877"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5268"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0339"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5116"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1664"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch2_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch2_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://packages.debian.org/\u003cpkg\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://www.mandriva.com/security/"
      },
      {
        "trust": 0.1,
        "url": "http://www.mandriva.com/security/advisories"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/24660/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/disassembling_og_reversing/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_vacancies/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/339/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/linux_security_specialist/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/24517/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29211"
      },
      {
        "db": "BID",
        "id": "26917"
      },
      {
        "db": "BID",
        "id": "26910"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      },
      {
        "db": "PACKETSTORM",
        "id": "62438"
      },
      {
        "db": "PACKETSTORM",
        "id": "61924"
      },
      {
        "db": "PACKETSTORM",
        "id": "129524"
      },
      {
        "db": "PACKETSTORM",
        "id": "62119"
      },
      {
        "db": "PACKETSTORM",
        "id": "63345"
      },
      {
        "db": "PACKETSTORM",
        "id": "55530"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-228"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5849"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-29211"
      },
      {
        "db": "BID",
        "id": "26917"
      },
      {
        "db": "BID",
        "id": "26910"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      },
      {
        "db": "PACKETSTORM",
        "id": "62438"
      },
      {
        "db": "PACKETSTORM",
        "id": "61924"
      },
      {
        "db": "PACKETSTORM",
        "id": "129524"
      },
      {
        "db": "PACKETSTORM",
        "id": "62119"
      },
      {
        "db": "PACKETSTORM",
        "id": "63345"
      },
      {
        "db": "PACKETSTORM",
        "id": "55530"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-228"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-5849"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-12-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-29211"
      },
      {
        "date": "2007-11-08T00:00:00",
        "db": "BID",
        "id": "26917"
      },
      {
        "date": "2007-12-17T00:00:00",
        "db": "BID",
        "id": "26910"
      },
      {
        "date": "2008-01-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      },
      {
        "date": "2008-01-09T06:52:17",
        "db": "PACKETSTORM",
        "id": "62438"
      },
      {
        "date": "2007-12-19T00:58:29",
        "db": "PACKETSTORM",
        "id": "61924"
      },
      {
        "date": "2014-12-12T17:43:12",
        "db": "PACKETSTORM",
        "id": "129524"
      },
      {
        "date": "2007-12-28T22:34:14",
        "db": "PACKETSTORM",
        "id": "62119"
      },
      {
        "date": "2008-02-06T22:48:02",
        "db": "PACKETSTORM",
        "id": "63345"
      },
      {
        "date": "2007-04-02T23:13:40",
        "db": "PACKETSTORM",
        "id": "55530"
      },
      {
        "date": "2007-11-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200712-228"
      },
      {
        "date": "2007-12-19T21:46:00",
        "db": "NVD",
        "id": "CVE-2007-5849"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-29211"
      },
      {
        "date": "2015-05-07T17:04:00",
        "db": "BID",
        "id": "26917"
      },
      {
        "date": "2008-01-07T14:19:00",
        "db": "BID",
        "id": "26910"
      },
      {
        "date": "2008-01-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      },
      {
        "date": "2007-12-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200712-228"
      },
      {
        "date": "2017-07-29T01:33:54.630000",
        "db": "NVD",
        "id": "CVE-2007-5849"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "129524"
      },
      {
        "db": "PACKETSTORM",
        "id": "63345"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-228"
      }
    ],
    "trust": 0.8
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CUPS of  SNMP Backend program for integer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001044"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "digital error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-228"
      }
    ],
    "trust": 0.6
  }
}

GHSA-X2H6-2Q5C-V7PX

Vulnerability from github – Published: 2022-05-01 18:37 – Updated: 2022-05-01 18:37

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-5849"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-12-19T21:46:00Z",
    "severity": "HIGH"
  },
  "details": "Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.",
  "id": "GHSA-x2h6-2q5c-v7px",
  "modified": "2022-05-01T18:37:25Z",
  "published": "2022-05-01T18:37:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5849"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39097"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39101"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html"
    },
    {
      "type": "WEB",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=201570"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28113"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28129"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28200"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28386"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28441"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28636"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28676"
    },
    {
      "type": "WEB",
      "url": "http://www.cups.org/str.php?L2589"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1437"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26910"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26917"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-563-1"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/4242"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2007-5849

Vulnerability from fkie_nvd - Published: 2007-12-19 21:46 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://bugs.gentoo.org/show_bug.cgi?id=201570
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307179
cve@mitre.org	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html
cve@mitre.org	http://secunia.com/advisories/28113	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28129	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28136	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28200	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28386	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28441	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28636	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28676	Vendor Advisory
cve@mitre.org	http://www.cups.org/str.php?L2589
cve@mitre.org	http://www.debian.org/security/2007/dsa-1437
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:036
cve@mitre.org	http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
cve@mitre.org	http://www.securityfocus.com/bid/26910
cve@mitre.org	http://www.securityfocus.com/bid/26917
cve@mitre.org	http://www.ubuntu.com/usn/usn-563-1
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4238	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4242	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/39097
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/39101
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html
af854a3a-2127-422b-91ae-364da2661108	http://bugs.gentoo.org/show_bug.cgi?id=201570
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307179
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28113	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28129	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28136	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28200	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28386	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28441	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28636	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28676	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cups.org/str.php?L2589
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1437
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:036
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26910
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26917
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-563-1
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4238	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4242	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/39097
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/39101
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html

Impacted products

Vendor	Product	Version
apple	mac_os_x	10.5.1
easy_software_products	cups	1.2.4
easy_software_products	cups	1.2.9
easy_software_products	cups	1.2.10
easy_software_products	cups	1.2.12
easy_software_products	cups	1.3.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9355573A-B469-49DD-912D-98CD71A2A310",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "96C1D0AA-C5F5-4996-8E66-686CFCBF1D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "420FCEF3-4E21-4A87-A688-87C755757B0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D979FFBA-4916-426F-9401-BCE1121B0F12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "36BF9F21-3FEB-44C4-8A39-18F6D5CC1960",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Un subdesbordamiento de enteros en la funci\u00f3n asn1_get_string en el back end de SNMP (backend/snmp.c) para CUPS versiones 1.2 hasta 1.3.4, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una respuesta SNMP especialmente dise\u00f1ada que desencadena un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria."
    }
  ],
  "id": "CVE-2007-5849",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-12-19T21:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=201570"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28113"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28129"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28200"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28386"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28441"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28636"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28676"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cups.org/str.php?L2589"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2007/dsa-1437"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26910"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26917"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-563-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4242"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39097"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39101"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=201570"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28113"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28386"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28441"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28676"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cups.org/str.php?L2589"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1437"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26910"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-563-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/4242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39097"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable.\n\nThis flaw does not affect the version of CUPS shipped in Red Hat Enterprise Linux 3 or 4.\n\nAfter a detailed analysis of this flaw, it has been determined it does not pose a security threat on Red Hat Enterprise Linux 5.  For more details regarding this analysis, please see:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=415131",
      "lastModified": "2008-01-02T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2007-5849

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-5849

Aliases

CVE-2007-5849

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-5849",
    "description": "Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.",
    "id": "GSD-2007-5849",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-5849.html",
      "https://www.debian.org/security/2007/dsa-1437"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-5849"
      ],
      "details": "Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.",
      "id": "GSD-2007-5849",
      "modified": "2023-12-13T01:21:41.321453Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-5849",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.cups.org/str.php?L2589",
            "refsource": "CONFIRM",
            "url": "http://www.cups.org/str.php?L2589"
          },
          {
            "name": "cups-asn1getstring-bo(39101)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39101"
          },
          {
            "name": "ADV-2007-4238",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "TA07-352A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "28129",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28129"
          },
          {
            "name": "SUSE-SR:2008:002",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
          },
          {
            "name": "28441",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28441"
          },
          {
            "name": "28136",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28136"
          },
          {
            "name": "28113",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28113"
          },
          {
            "name": "28200",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28200"
          },
          {
            "name": "USN-563-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-563-1"
          },
          {
            "name": "GLSA-200712-14",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
          },
          {
            "name": "26910",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/26910"
          },
          {
            "name": "SUSE-SA:2008:002",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html"
          },
          {
            "name": "FEDORA-2008-0322",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "28676",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28676"
          },
          {
            "name": "DSA-1437",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2007/dsa-1437"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=307179",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "28386",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28386"
          },
          {
            "name": "http://bugs.gentoo.org/show_bug.cgi?id=201570",
            "refsource": "CONFIRM",
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=201570"
          },
          {
            "name": "MDVSA-2008:036",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
          },
          {
            "name": "28636",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28636"
          },
          {
            "name": "macos-snmp-bo(39097)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39097"
          },
          {
            "name": "ADV-2007-4242",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/4242"
          },
          {
            "name": "26917",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/26917"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.3.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.2.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.2.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.2.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5849"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=201570",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=201570"
            },
            {
              "name": "http://www.cups.org/str.php?L2589",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.cups.org/str.php?L2589"
            },
            {
              "name": "DSA-1437",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1437"
            },
            {
              "name": "GLSA-200712-14",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "26917",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/26917"
            },
            {
              "name": "28113",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28113"
            },
            {
              "name": "28136",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28136"
            },
            {
              "name": "28129",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28129"
            },
            {
              "name": "28200",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28200"
            },
            {
              "name": "USN-563-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-563-1"
            },
            {
              "name": "26910",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/26910"
            },
            {
              "name": "28386",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28386"
            },
            {
              "name": "SUSE-SA:2008:002",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html"
            },
            {
              "name": "28441",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28441"
            },
            {
              "name": "SUSE-SR:2008:002",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
            },
            {
              "name": "FEDORA-2008-0322",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html"
            },
            {
              "name": "28636",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28636"
            },
            {
              "name": "28676",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28676"
            },
            {
              "name": "MDVSA-2008:036",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "ADV-2007-4242",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/4242"
            },
            {
              "name": "cups-asn1getstring-bo(39101)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39101"
            },
            {
              "name": "macos-snmp-bo(39097)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39097"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-29T01:33Z",
      "publishedDate": "2007-12-19T21:46Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-5849 (GCVE-0-2007-5849)

CERTA-2007-AVI-551

Description

Solution

CERTA-2007-AVI-551

Description

Solution

VAR-200712-0433

Synopsis

Background

Workaround

Resolution

References

Availability

Concerns?

License

Background

Affected packages

Description

Workaround

GHSA-X2H6-2Q5C-V7PX

FKIE_CVE-2007-5849

GSD-2007-5849

Tags

Sightings

Nomenclature