var-201108-0236
Vulnerability from variot
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895. The software enables a variety of image manipulations, including photo retouching, image compositing, and image creation. Description:
The GIMP (GNU Image Manipulation Program) is an image composition and editing program. Bugs fixed (http://bugzilla.redhat.com/):
727800 - CVE-2011-2896 David Koblas' GIF decoder LZW decoder buffer overflow 839020 - CVE-2012-3403 gimp (CEL plug-in): heap buffer overflow when loading external palette files 847303 - CVE-2012-3481 Gimp (GIF plug-in): Heap-based buffer overflow by loading certain GIF images
- (CVE-2011-2896)
This update also fixes the following bugs:
-
Prior to this update, the "Show Completed Jobs," "Show All Jobs," and "Show Active Jobs" buttons returned results globally across all printers and not the results for the specified printer. With this update, jobs from only the selected printer are shown. (BZ#625900)
-
Prior to this update, the code of the serial backend contained a wrong condition. As a consequence, print jobs on the raw print queue could not be canceled. This update modifies the condition in the serial backend code. Now, the user can cancel these print jobs. (BZ#625955)
-
Prior to this update, the textonly filter did not work if used as a pipe, for example when the command line did not specify the filename and the number of copies was always 1. This update modifies the condition in the textonly filter. Now, the data are sent to the printer regardless of the number of copies specified. (BZ#660518)
-
Prior to this update, the file descriptor count increased until it ran out of resources when the cups daemon was running with enabled Security-Enhanced Linux (SELinux) features. With this update, all resources are allocated only once. (BZ#668009)
-
Prior to this update, CUPS incorrectly handled the en_US.ASCII value for the LANG environment variable. This update fixes the handling of the en_US.ASCII value and the binaries now write to standard output properly. Bugs fixed (http://bugzilla.redhat.com/):
625900 - STR #3436: Jobs buttons not working correctly when viewing a specific printer 625955 - Serial back end has inverted SIGTERM block 660518 - textonly filter won't work as a pipe with copies=1 668009 - avc calls leak file descriptors 727800 - CVE-2011-2896 David Koblas' GIF decoder LZW decoder buffer overflow
Packages for 2009.0 are provided as of the Extended Maintenance Program. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security.
CVE-2011-1782 The correction for CVE-2010-4543 was incomplete.
For the stable distribution (squeeze), these problems have been fixed in version 2.6.10-1+squeeze3.
For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 2.6.11-5.
We recommend that you upgrade your gimp packages. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201209-23
http://security.gentoo.org/
Severity: Normal Title: GIMP: Multiple vulnerabilities Date: September 28, 2012 Bugs: #293127, #350915, #372975, #379289, #418425, #432582 ID: 201209-23
Synopsis
Multiple vulnerabilities have been found in GIMP, the worst of which allow execution of arbitrary code or Denial of Service.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-gfx/gimp < 2.6.12-r2 >= 2.6.12-r2
Description
Multiple vulnerabilities have been discovered in GIMP. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All GIMP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-gfx/gimp-2.6.12-r2"
References
[ 1 ] CVE-2009-1570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1570 [ 2 ] CVE-2009-3909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3909 [ 3 ] CVE-2010-4540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4540 [ 4 ] CVE-2010-4541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4541 [ 5 ] CVE-2010-4542 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4542 [ 6 ] CVE-2010-4543 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4543 [ 7 ] CVE-2011-1178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1178 [ 8 ] CVE-2011-2896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2896 [ 9 ] CVE-2012-2763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2763 [ 10 ] CVE-2012-3402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3402
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201209-23.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Low: cups security and bug fix update Advisory ID: RHSA-2011:1635-03 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1635.html Issue date: 2011-12-06 CVE Names: CVE-2011-2896 =====================================================================
- Summary:
Updated cups packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems.
A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the "lp" user. (CVE-2011-2896)
These updated cups packages also provide fixes for the following bugs:
-
Previously CUPS was not correctly handling the language setting LANG=en_US.ASCII. As a consequence lpadmin, lpstat and lpinfo binaries were not displaying any output when the LANG=en_US.ASCII environment variable was used. As a result of this update the problem is fixed and the expected output is now displayed. (BZ#681836)
-
Previously the scheduler did not check for empty values of several configuration directives. As a consequence it was possible for the CUPS daemon (cupsd) to crash when a configuration file contained certain empty values. With this update the problem is fixed and cupsd no longer crashes when reading such a configuration file. (BZ#706673)
-
Previously when printing to a raw print queue, when using certain printer models, CUPS was incorrectly sending SNMP queries. As a consequence there was a noticeable 4-second delay between queueing the job and the start of printing. With this update the problem is fixed and CUPS no longer tries to collect SNMP supply and status information for raw print queues. (BZ#709896)
-
Previously when using the BrowsePoll directive it could happen that the CUPS printer polling daemon (cups-polld) began polling before the network interfaces were set up after a system boot. CUPS was then caching the failed hostname lookup. As a consequence no printers were found and the error, "Host name lookup failure", was logged. With this update the code that re-initializes the resolver after failure in cups-polld is fixed and as a result CUPS will obtain the correct network settings to use in printer discovery. (BZ#712430)
-
The MaxJobs directive controls the maximum number of print jobs that are kept in memory. Previously, once the number of jobs reached the limit, the CUPS system failed to automatically purge the data file associated with the oldest completed job from the system in order to make room for a new print job. This bug has been fixed, and the jobs beyond the set limit are now properly purged. (BZ#735505)
-
The cups init script (/etc/rc.d/init.d/cups) uses the daemon function (from /etc/rc.d/init.d/functions) to start the cups process, but previously it did not source a configuration file from the /etc/sysconfig/ directory. As a consequence, it was difficult to cleanly set the nice level or cgroup for the cups daemon by setting the NICELEVEL or CGROUP_DAEMON variables. With this update, the init script is fixed. (BZ#744791)
All users of CUPS are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the cupsd daemon will be restarted automatically.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
681836 - lpstat bug with ASCII encoding, LANG=en_US.ASCII lpstat -h localhost -s 706673 - Cups config parsing segfault 712430 - printers are not found after system boot 727800 - CVE-2011-2896 David Koblas' GIF decoder LZW decoder buffer overflow 735505 - CUPS is not purging JobFiles when MaxJobs is reached in RHEL6.1 744791 - cups init script should source /etc/sysconfig/cups
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386: cups-1.4.2-44.el6.i686.rpm cups-debuginfo-1.4.2-44.el6.i686.rpm cups-libs-1.4.2-44.el6.i686.rpm cups-lpd-1.4.2-44.el6.i686.rpm
x86_64: cups-1.4.2-44.el6.x86_64.rpm cups-debuginfo-1.4.2-44.el6.i686.rpm cups-debuginfo-1.4.2-44.el6.x86_64.rpm cups-libs-1.4.2-44.el6.i686.rpm cups-libs-1.4.2-44.el6.x86_64.rpm cups-lpd-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386: cups-debuginfo-1.4.2-44.el6.i686.rpm cups-devel-1.4.2-44.el6.i686.rpm cups-php-1.4.2-44.el6.i686.rpm
x86_64: cups-debuginfo-1.4.2-44.el6.i686.rpm cups-debuginfo-1.4.2-44.el6.x86_64.rpm cups-devel-1.4.2-44.el6.i686.rpm cups-devel-1.4.2-44.el6.x86_64.rpm cups-php-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
x86_64: cups-1.4.2-44.el6.x86_64.rpm cups-debuginfo-1.4.2-44.el6.i686.rpm cups-debuginfo-1.4.2-44.el6.x86_64.rpm cups-libs-1.4.2-44.el6.i686.rpm cups-libs-1.4.2-44.el6.x86_64.rpm cups-lpd-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
x86_64: cups-debuginfo-1.4.2-44.el6.i686.rpm cups-debuginfo-1.4.2-44.el6.x86_64.rpm cups-devel-1.4.2-44.el6.i686.rpm cups-devel-1.4.2-44.el6.x86_64.rpm cups-php-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386: cups-1.4.2-44.el6.i686.rpm cups-debuginfo-1.4.2-44.el6.i686.rpm cups-devel-1.4.2-44.el6.i686.rpm cups-libs-1.4.2-44.el6.i686.rpm cups-lpd-1.4.2-44.el6.i686.rpm
ppc64: cups-1.4.2-44.el6.ppc64.rpm cups-debuginfo-1.4.2-44.el6.ppc.rpm cups-debuginfo-1.4.2-44.el6.ppc64.rpm cups-devel-1.4.2-44.el6.ppc.rpm cups-devel-1.4.2-44.el6.ppc64.rpm cups-libs-1.4.2-44.el6.ppc.rpm cups-libs-1.4.2-44.el6.ppc64.rpm cups-lpd-1.4.2-44.el6.ppc64.rpm
s390x: cups-1.4.2-44.el6.s390x.rpm cups-debuginfo-1.4.2-44.el6.s390.rpm cups-debuginfo-1.4.2-44.el6.s390x.rpm cups-devel-1.4.2-44.el6.s390.rpm cups-devel-1.4.2-44.el6.s390x.rpm cups-libs-1.4.2-44.el6.s390.rpm cups-libs-1.4.2-44.el6.s390x.rpm cups-lpd-1.4.2-44.el6.s390x.rpm
x86_64: cups-1.4.2-44.el6.x86_64.rpm cups-debuginfo-1.4.2-44.el6.i686.rpm cups-debuginfo-1.4.2-44.el6.x86_64.rpm cups-devel-1.4.2-44.el6.i686.rpm cups-devel-1.4.2-44.el6.x86_64.rpm cups-libs-1.4.2-44.el6.i686.rpm cups-libs-1.4.2-44.el6.x86_64.rpm cups-lpd-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386: cups-debuginfo-1.4.2-44.el6.i686.rpm cups-php-1.4.2-44.el6.i686.rpm
ppc64: cups-debuginfo-1.4.2-44.el6.ppc64.rpm cups-php-1.4.2-44.el6.ppc64.rpm
s390x: cups-debuginfo-1.4.2-44.el6.s390x.rpm cups-php-1.4.2-44.el6.s390x.rpm
x86_64: cups-debuginfo-1.4.2-44.el6.x86_64.rpm cups-php-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386: cups-1.4.2-44.el6.i686.rpm cups-debuginfo-1.4.2-44.el6.i686.rpm cups-devel-1.4.2-44.el6.i686.rpm cups-libs-1.4.2-44.el6.i686.rpm cups-lpd-1.4.2-44.el6.i686.rpm
x86_64: cups-1.4.2-44.el6.x86_64.rpm cups-debuginfo-1.4.2-44.el6.i686.rpm cups-debuginfo-1.4.2-44.el6.x86_64.rpm cups-devel-1.4.2-44.el6.i686.rpm cups-devel-1.4.2-44.el6.x86_64.rpm cups-libs-1.4.2-44.el6.i686.rpm cups-libs-1.4.2-44.el6.x86_64.rpm cups-lpd-1.4.2-44.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm
i386: cups-debuginfo-1.4.2-44.el6.i686.rpm cups-php-1.4.2-44.el6.i686.rpm
x86_64: cups-debuginfo-1.4.2-44.el6.x86_64.rpm cups-php-1.4.2-44.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2896.html https://access.redhat.com/security/updates/classification/#low
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFO3jdAXlSAg2UNWIIRAuf9AJ40wZu4zvl7/JluD0pOAIRHpsC9WACfQlq4 m4F9XjZwY5c1UV+v9+pq1hs= =YoxJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-1207-1 September 14, 2011
cups, cupsys vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
- Ubuntu 8.04 LTS
Summary:
An attacker could send crafted print jobs to CUPS and cause it to crash or run programs.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.04: libcupsimage2 1.4.6-5ubuntu1.4
Ubuntu 10.10: libcupsimage2 1.4.4-6ubuntu2.4
Ubuntu 10.04 LTS: libcupsimage2 1.4.3-1ubuntu1.5
Ubuntu 8.04 LTS: libcupsimage2 1.3.7-1ubuntu3.13
In general, a standard system update will make all the necessary changes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0236",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "swi-prolog",
"scope": "lte",
"trust": 1.0,
"vendor": "swi prolog",
"version": "5.10.4"
},
{
"model": "cups",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "1.4.6"
},
{
"model": "gimp",
"scope": "lte",
"trust": 1.0,
"vendor": "gimp",
"version": "2.6.11"
},
{
"model": "gimp",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.6.7"
},
{
"model": "gimp",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.6.2"
},
{
"model": "gimp",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.6.5"
},
{
"model": "gimp",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.6.11"
},
{
"model": "gimp",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.6.4"
},
{
"model": "gimp",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.6.10"
},
{
"model": "gimp",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.6.8"
},
{
"model": "gimp",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.6.3"
},
{
"model": "gimp",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.6.6"
},
{
"model": "gimp",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.6.9"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-279"
},
{
"db": "NVD",
"id": "CVE-2011-2896"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:swi-prolog:swi-prolog:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.10.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.4.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.6.11",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2896"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "115681"
},
{
"db": "PACKETSTORM",
"id": "110007"
},
{
"db": "PACKETSTORM",
"id": "107564"
}
],
"trust": 0.3
},
"cve": "CVE-2011-2896",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-50841",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2896",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201108-279",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-50841",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50841"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-279"
},
{
"db": "NVD",
"id": "CVE-2011-2896"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895. The software enables a variety of image manipulations, including photo retouching, image compositing, and image creation. Description:\n\nThe GIMP (GNU Image Manipulation Program) is an image composition and\nediting program. Bugs fixed (http://bugzilla.redhat.com/):\n\n727800 - CVE-2011-2896 David Koblas\u0027 GIF decoder LZW decoder buffer overflow\n839020 - CVE-2012-3403 gimp (CEL plug-in): heap buffer overflow when loading external palette files\n847303 - CVE-2012-3481 Gimp (GIF plug-in): Heap-based buffer overflow by loading certain GIF images\n\n6. (CVE-2011-2896)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the \"Show Completed Jobs,\" \"Show All Jobs,\" and\n\"Show Active Jobs\" buttons returned results globally across all printers\nand not the results for the specified printer. With this update, jobs from\nonly the selected printer are shown. (BZ#625900)\n\n* Prior to this update, the code of the serial backend contained a wrong\ncondition. As a consequence, print jobs on the raw print queue could not be\ncanceled. This update modifies the condition in the serial backend code. \nNow, the user can cancel these print jobs. (BZ#625955)\n\n* Prior to this update, the textonly filter did not work if used as a pipe,\nfor example when the command line did not specify the filename and the\nnumber of copies was always 1. This update modifies the condition in the\ntextonly filter. Now, the data are sent to the printer regardless of the\nnumber of copies specified. (BZ#660518)\n\n* Prior to this update, the file descriptor count increased until it ran\nout of resources when the cups daemon was running with enabled\nSecurity-Enhanced Linux (SELinux) features. With this update, all resources\nare allocated only once. (BZ#668009)\n\n* Prior to this update, CUPS incorrectly handled the en_US.ASCII value for\nthe LANG environment variable. This update fixes the handling of the en_US.ASCII value and the\nbinaries now write to standard output properly. Bugs fixed (http://bugzilla.redhat.com/):\n\n625900 - STR #3436: Jobs buttons not working correctly when viewing a specific printer\n625955 - Serial back end has inverted SIGTERM block\n660518 - textonly filter won\u0027t work as a pipe with copies=1\n668009 - avc calls leak file descriptors\n727800 - CVE-2011-2896 David Koblas\u0027 GIF decoder LZW decoder buffer overflow\n\n6. \n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. \n\nCVE-2011-1782\n\tThe correction for CVE-2010-4543 was incomplete. \n\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 2.6.10-1+squeeze3. \n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 2.6.11-5. \n\nWe recommend that you upgrade your gimp packages. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201209-23\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: GIMP: Multiple vulnerabilities\n Date: September 28, 2012\n Bugs: #293127, #350915, #372975, #379289, #418425, #432582\n ID: 201209-23\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in GIMP, the worst of which\nallow execution of arbitrary code or Denial of Service. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 media-gfx/gimp \u003c 2.6.12-r2 \u003e= 2.6.12-r2\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in GIMP. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll GIMP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-gfx/gimp-2.6.12-r2\"\n\nReferences\n==========\n\n[ 1 ] CVE-2009-1570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1570\n[ 2 ] CVE-2009-3909\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3909\n[ 3 ] CVE-2010-4540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4540\n[ 4 ] CVE-2010-4541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4541\n[ 5 ] CVE-2010-4542\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4542\n[ 6 ] CVE-2010-4543\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4543\n[ 7 ] CVE-2011-1178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1178\n[ 8 ] CVE-2011-2896\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2896\n[ 9 ] CVE-2012-2763\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2763\n[ 10 ] CVE-2012-3402\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3402\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-23.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Low: cups security and bug fix update\nAdvisory ID: RHSA-2011:1635-03\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2011-1635.html\nIssue date: 2011-12-06\nCVE Names: CVE-2011-2896 \n=====================================================================\n\n1. Summary:\n\nUpdated cups packages that fix one security issue and several bugs are now\navailable for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. \n\nA heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW)\ndecompression algorithm implementation used by the CUPS GIF image format\nreader. An attacker could create a malicious GIF image file that, when\nprinted, could possibly cause CUPS to crash or, potentially, execute\narbitrary code with the privileges of the \"lp\" user. (CVE-2011-2896)\n\nThese updated cups packages also provide fixes for the following bugs:\n\n* Previously CUPS was not correctly handling the language setting\nLANG=en_US.ASCII. As a consequence lpadmin, lpstat and lpinfo binaries were\nnot displaying any output when the LANG=en_US.ASCII environment variable\nwas used. As a result of this update the problem is fixed and the expected\noutput is now displayed. (BZ#681836)\n\n* Previously the scheduler did not check for empty values of several\nconfiguration directives. As a consequence it was possible for the CUPS\ndaemon (cupsd) to crash when a configuration file contained certain empty\nvalues. With this update the problem is fixed and cupsd no longer crashes\nwhen reading such a configuration file. (BZ#706673)\n\n* Previously when printing to a raw print queue, when using certain printer\nmodels, CUPS was incorrectly sending SNMP queries. As a consequence there\nwas a noticeable 4-second delay between queueing the job and the start of\nprinting. With this update the problem is fixed and CUPS no longer tries to\ncollect SNMP supply and status information for raw print queues. \n(BZ#709896)\n\n* Previously when using the BrowsePoll directive it could happen that the\nCUPS printer polling daemon (cups-polld) began polling before the network\ninterfaces were set up after a system boot. CUPS was then caching the\nfailed hostname lookup. As a consequence no printers were found and the\nerror, \"Host name lookup failure\", was logged. With this update the code\nthat re-initializes the resolver after failure in cups-polld is fixed and\nas a result CUPS will obtain the correct network settings to use in printer\ndiscovery. (BZ#712430)\n\n* The MaxJobs directive controls the maximum number of print jobs that are\nkept in memory. Previously, once the number of jobs reached the limit, the\nCUPS system failed to automatically purge the data file associated with the\noldest completed job from the system in order to make room for a new print\njob. This bug has been fixed, and the jobs beyond the set limit are now\nproperly purged. (BZ#735505)\n\n* The cups init script (/etc/rc.d/init.d/cups) uses the daemon function\n(from /etc/rc.d/init.d/functions) to start the cups process, but previously\nit did not source a configuration file from the /etc/sysconfig/ directory. \nAs a consequence, it was difficult to cleanly set the nice level or cgroup\nfor the cups daemon by setting the NICELEVEL or CGROUP_DAEMON variables. \nWith this update, the init script is fixed. (BZ#744791)\n\nAll users of CUPS are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing this\nupdate, the cupsd daemon will be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n681836 - lpstat bug with ASCII encoding, LANG=en_US.ASCII lpstat -h localhost -s\n706673 - Cups config parsing segfault\n712430 - printers are not found after system boot\n727800 - CVE-2011-2896 David Koblas\u0027 GIF decoder LZW decoder buffer overflow\n735505 - CUPS is not purging JobFiles when MaxJobs is reached in RHEL6.1\n744791 - cups init script should source /etc/sysconfig/cups\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm\n\ni386:\ncups-1.4.2-44.el6.i686.rpm\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-libs-1.4.2-44.el6.i686.rpm\ncups-lpd-1.4.2-44.el6.i686.rpm\n\nx86_64:\ncups-1.4.2-44.el6.x86_64.rpm\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-debuginfo-1.4.2-44.el6.x86_64.rpm\ncups-libs-1.4.2-44.el6.i686.rpm\ncups-libs-1.4.2-44.el6.x86_64.rpm\ncups-lpd-1.4.2-44.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm\n\ni386:\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-devel-1.4.2-44.el6.i686.rpm\ncups-php-1.4.2-44.el6.i686.rpm\n\nx86_64:\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-debuginfo-1.4.2-44.el6.x86_64.rpm\ncups-devel-1.4.2-44.el6.i686.rpm\ncups-devel-1.4.2-44.el6.x86_64.rpm\ncups-php-1.4.2-44.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm\n\nx86_64:\ncups-1.4.2-44.el6.x86_64.rpm\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-debuginfo-1.4.2-44.el6.x86_64.rpm\ncups-libs-1.4.2-44.el6.i686.rpm\ncups-libs-1.4.2-44.el6.x86_64.rpm\ncups-lpd-1.4.2-44.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm\n\nx86_64:\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-debuginfo-1.4.2-44.el6.x86_64.rpm\ncups-devel-1.4.2-44.el6.i686.rpm\ncups-devel-1.4.2-44.el6.x86_64.rpm\ncups-php-1.4.2-44.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm\n\ni386:\ncups-1.4.2-44.el6.i686.rpm\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-devel-1.4.2-44.el6.i686.rpm\ncups-libs-1.4.2-44.el6.i686.rpm\ncups-lpd-1.4.2-44.el6.i686.rpm\n\nppc64:\ncups-1.4.2-44.el6.ppc64.rpm\ncups-debuginfo-1.4.2-44.el6.ppc.rpm\ncups-debuginfo-1.4.2-44.el6.ppc64.rpm\ncups-devel-1.4.2-44.el6.ppc.rpm\ncups-devel-1.4.2-44.el6.ppc64.rpm\ncups-libs-1.4.2-44.el6.ppc.rpm\ncups-libs-1.4.2-44.el6.ppc64.rpm\ncups-lpd-1.4.2-44.el6.ppc64.rpm\n\ns390x:\ncups-1.4.2-44.el6.s390x.rpm\ncups-debuginfo-1.4.2-44.el6.s390.rpm\ncups-debuginfo-1.4.2-44.el6.s390x.rpm\ncups-devel-1.4.2-44.el6.s390.rpm\ncups-devel-1.4.2-44.el6.s390x.rpm\ncups-libs-1.4.2-44.el6.s390.rpm\ncups-libs-1.4.2-44.el6.s390x.rpm\ncups-lpd-1.4.2-44.el6.s390x.rpm\n\nx86_64:\ncups-1.4.2-44.el6.x86_64.rpm\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-debuginfo-1.4.2-44.el6.x86_64.rpm\ncups-devel-1.4.2-44.el6.i686.rpm\ncups-devel-1.4.2-44.el6.x86_64.rpm\ncups-libs-1.4.2-44.el6.i686.rpm\ncups-libs-1.4.2-44.el6.x86_64.rpm\ncups-lpd-1.4.2-44.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm\n\ni386:\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-php-1.4.2-44.el6.i686.rpm\n\nppc64:\ncups-debuginfo-1.4.2-44.el6.ppc64.rpm\ncups-php-1.4.2-44.el6.ppc64.rpm\n\ns390x:\ncups-debuginfo-1.4.2-44.el6.s390x.rpm\ncups-php-1.4.2-44.el6.s390x.rpm\n\nx86_64:\ncups-debuginfo-1.4.2-44.el6.x86_64.rpm\ncups-php-1.4.2-44.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm\n\ni386:\ncups-1.4.2-44.el6.i686.rpm\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-devel-1.4.2-44.el6.i686.rpm\ncups-libs-1.4.2-44.el6.i686.rpm\ncups-lpd-1.4.2-44.el6.i686.rpm\n\nx86_64:\ncups-1.4.2-44.el6.x86_64.rpm\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-debuginfo-1.4.2-44.el6.x86_64.rpm\ncups-devel-1.4.2-44.el6.i686.rpm\ncups-devel-1.4.2-44.el6.x86_64.rpm\ncups-libs-1.4.2-44.el6.i686.rpm\ncups-libs-1.4.2-44.el6.x86_64.rpm\ncups-lpd-1.4.2-44.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/cups-1.4.2-44.el6.src.rpm\n\ni386:\ncups-debuginfo-1.4.2-44.el6.i686.rpm\ncups-php-1.4.2-44.el6.i686.rpm\n\nx86_64:\ncups-debuginfo-1.4.2-44.el6.x86_64.rpm\ncups-php-1.4.2-44.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2896.html\nhttps://access.redhat.com/security/updates/classification/#low\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFO3jdAXlSAg2UNWIIRAuf9AJ40wZu4zvl7/JluD0pOAIRHpsC9WACfQlq4\nm4F9XjZwY5c1UV+v9+pq1hs=\n=YoxJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ==========================================================================\nUbuntu Security Notice USN-1207-1\nSeptember 14, 2011\n\ncups, cupsys vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 11.04\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n- Ubuntu 8.04 LTS\n\nSummary:\n\nAn attacker could send crafted print jobs to CUPS and cause it to crash or\nrun programs. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 11.04:\n libcupsimage2 1.4.6-5ubuntu1.4\n\nUbuntu 10.10:\n libcupsimage2 1.4.4-6ubuntu2.4\n\nUbuntu 10.04 LTS:\n libcupsimage2 1.4.3-1ubuntu1.5\n\nUbuntu 8.04 LTS:\n libcupsimage2 1.3.7-1ubuntu3.13\n\nIn general, a standard system update will make all the necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2896"
},
{
"db": "VULHUB",
"id": "VHN-50841"
},
{
"db": "PACKETSTORM",
"id": "115681"
},
{
"db": "PACKETSTORM",
"id": "106598"
},
{
"db": "PACKETSTORM",
"id": "110007"
},
{
"db": "PACKETSTORM",
"id": "105649"
},
{
"db": "PACKETSTORM",
"id": "107429"
},
{
"db": "PACKETSTORM",
"id": "110489"
},
{
"db": "PACKETSTORM",
"id": "116983"
},
{
"db": "PACKETSTORM",
"id": "107564"
},
{
"db": "PACKETSTORM",
"id": "105118"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2896",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "46024",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "45945",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "45621",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "45948",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "50737",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48236",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48308",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "45900",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2011/08/10/10",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1025929",
"trust": 1.7
},
{
"db": "BID",
"id": "49148",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201108-279",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "107564",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "107429",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "105118",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "110007",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "115681",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "105296",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-50841",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "106598",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105649",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110489",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116983",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50841"
},
{
"db": "PACKETSTORM",
"id": "115681"
},
{
"db": "PACKETSTORM",
"id": "106598"
},
{
"db": "PACKETSTORM",
"id": "110007"
},
{
"db": "PACKETSTORM",
"id": "105649"
},
{
"db": "PACKETSTORM",
"id": "107429"
},
{
"db": "PACKETSTORM",
"id": "110489"
},
{
"db": "PACKETSTORM",
"id": "116983"
},
{
"db": "PACKETSTORM",
"id": "107564"
},
{
"db": "PACKETSTORM",
"id": "105118"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-279"
},
{
"db": "NVD",
"id": "CVE-2011-2896"
}
]
},
"id": "VAR-201108-0236",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50841"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:16:08.579000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "GNU Gimp \u0027LZWReadByte()\u0027 GIF Fixes for Graphics Parsing Buffer Error Vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=180847"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-279"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50841"
},
{
"db": "NVD",
"id": "CVE-2011-2896"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-201209-23.xml"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1180.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-1207-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1025929"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/45621"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/45900"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/45945"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/45948"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/46024"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48236"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48308"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/49148"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/50737"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2011/dsa-2354"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2012/dsa-2426"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-august/064873.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-august/064600.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-september/065550.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-september/065651.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-september/065527.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-september/065539.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2011:146"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2011:167"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2011-1635.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1181.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-1214-1"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2011/08/10/10"
},
{
"trust": 1.7,
"url": "http://cups.org/str.php?l3867"
},
{
"trust": 1.7,
"url": "http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc"
},
{
"trust": 1.7,
"url": "http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730338"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2896"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2896.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.3,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3170"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2896"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4542"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4540"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4541"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4543"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3403.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3481.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3403"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3481"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2895"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-1168"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2012-0302.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2432"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026amp;products_id=490"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3170"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2432"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1782"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2763"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2763"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3402"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1570"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3402"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3909"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4542"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2896"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1570"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-1635.html"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/cups/1.4.3-1ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/cupsys/1.3.7-1ubuntu3.13"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/cups/1.4.6-5ubuntu1.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/cups/1.4.4-6ubuntu2.4"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50841"
},
{
"db": "PACKETSTORM",
"id": "115681"
},
{
"db": "PACKETSTORM",
"id": "106598"
},
{
"db": "PACKETSTORM",
"id": "110007"
},
{
"db": "PACKETSTORM",
"id": "105649"
},
{
"db": "PACKETSTORM",
"id": "107429"
},
{
"db": "PACKETSTORM",
"id": "110489"
},
{
"db": "PACKETSTORM",
"id": "116983"
},
{
"db": "PACKETSTORM",
"id": "107564"
},
{
"db": "PACKETSTORM",
"id": "105118"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-279"
},
{
"db": "NVD",
"id": "CVE-2011-2896"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-50841"
},
{
"db": "PACKETSTORM",
"id": "115681"
},
{
"db": "PACKETSTORM",
"id": "106598"
},
{
"db": "PACKETSTORM",
"id": "110007"
},
{
"db": "PACKETSTORM",
"id": "105649"
},
{
"db": "PACKETSTORM",
"id": "107429"
},
{
"db": "PACKETSTORM",
"id": "110489"
},
{
"db": "PACKETSTORM",
"id": "116983"
},
{
"db": "PACKETSTORM",
"id": "107564"
},
{
"db": "PACKETSTORM",
"id": "105118"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-279"
},
{
"db": "NVD",
"id": "CVE-2011-2896"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-50841"
},
{
"date": "2012-08-20T21:50:38",
"db": "PACKETSTORM",
"id": "115681"
},
{
"date": "2011-11-04T21:06:51",
"db": "PACKETSTORM",
"id": "106598"
},
{
"date": "2012-02-21T15:30:30",
"db": "PACKETSTORM",
"id": "110007"
},
{
"date": "2011-10-10T22:39:39",
"db": "PACKETSTORM",
"id": "105649"
},
{
"date": "2011-12-01T00:06:52",
"db": "PACKETSTORM",
"id": "107429"
},
{
"date": "2012-03-06T23:59:02",
"db": "PACKETSTORM",
"id": "110489"
},
{
"date": "2012-09-28T23:51:10",
"db": "PACKETSTORM",
"id": "116983"
},
{
"date": "2011-12-06T23:57:53",
"db": "PACKETSTORM",
"id": "107564"
},
{
"date": "2011-09-14T22:51:57",
"db": "PACKETSTORM",
"id": "105118"
},
{
"date": "2011-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-279"
},
{
"date": "2011-08-19T17:55:03.317000",
"db": "NVD",
"id": "CVE-2011-2896"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-50841"
},
{
"date": "2022-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-279"
},
{
"date": "2022-02-07T18:44:21.820000",
"db": "NVD",
"id": "CVE-2011-2896"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "106598"
},
{
"db": "PACKETSTORM",
"id": "105649"
},
{
"db": "PACKETSTORM",
"id": "105118"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-279"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GNU Gimp \u0027LZWReadByte()\u0027 GIF Graphics Parse Buffer Error Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-279"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-279"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.