Debian Security Advisory DSA 621-1 (cupsys) Network Vulnerability

Summary

The remote host is missing an update to cupsys announced via advisory DSA 621-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20621-1

Insight

An iDEFENSE security researcher discovered a buffer overflow in xpdf, the Portable Document Format (PDF) suite. Similar code is present in the PDF processing part of CUPS. A maliciously crafted PDF file could exploit this problem, leading to the execution of arbitrary code. For the stable distribution (woody) this problem has been fixed in version 1.1.14-5woody11. For the unstable distribution (sid) this problem has been fixed in version 1.1.22-2. We recommend that you upgrade your cupsys packages.

Severity

Classification

CVE CVE-2004-1125
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 091-1 (ssh)
Debian Security Advisory DSA 005-1 (slocate)
Debian Security Advisory DSA 014-1 (splitvt)
Debian Security Advisory DSA 1072-1 (nagios)
Debian Security Advisory DSA 030-1 (xfree86-1)

Take action and discover your vulnerabilities