SuSE Update For Cups SUSE-SA:2008:015 Network Vulnerability

Impact

remote code execution

Solution

Please Install the Updated Packages.

Insight

A heap-overflow in the cgiCompileSearch() function of cups could be exploited by remote attackers to execute arbitrary code. The vulnerable function is used by the web-interface which is only available remotely if the print server shares printers over the network.

Affected

cups on openSUSE 10.2, openSUSE 10.3

References

http://www.novell.com/linux/security/advisories/2008_15_cups.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-0047
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SLES10: Security update for IBM Java 1.5.0
SLES10: Security update for dhclient
SLES10: Security update for MozillaFirefox
SLES10: Security update for Mozilla Firefox
SLES10: Security update for MozillaFirefox

SuSE Update for cups SUSE-SA:2008:015

Take action and discover your vulnerabilities