National Vulnerability Database (NVD) National Vulnerability Database (CVE-2008-3641)

National Cyber-Alert System

Vulnerability Summary for CVE-2008-3641

Original release date:10/10/2008

Last revised:06/19/2009

Source: US-CERT/NIST

Overview

The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend)

Impact Subscore: 10.0

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: BID

Name: 31681

Type: Patch Information

Hyperlink:http://www.securityfocus.com/bid/31681

External Source: CONFIRM

Name: http://www.cups.org/articles.php?L575

Type: Advisory; Patch Information

Hyperlink:http://cups.org/articles.php?L575

External Source: FEDORA

Name: FEDORA-2008-8844

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html

External Source: FEDORA

Name: FEDORA-2008-8801

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html

External Source: XF

Name: cups-hpgl-code-execution(45779)

Hyperlink:http://xforce.iss.net/xforce/xfdb/45779

External Source: MISC

Name: http://www.zerodayinitiative.com/advisories/ZDI-08-067

Hyperlink:http://www.zerodayinitiative.com/advisories/ZDI-08-067

External Source: VUPEN

Name: ADV-2009-1568

Hyperlink:http://www.vupen.com/english/advisories/2009/1568

External Source: UBUNTU

Name: USN-656-1

Hyperlink:http://www.ubuntulinux.org/support/documentation/usn/usn-656-1

External Source: SECTRACK

Name: 1021031

Hyperlink:http://www.securitytracker.com/id?1021031

External Source: BID

Name: 31688

Hyperlink:http://www.securityfocus.com/bid/31688

External Source: BUGTRAQ

Name: 20081010 ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/497221/100/0/threaded

External Source: REDHAT

Name: RHSA-2008:0937

Hyperlink:http://www.redhat.com/support/errata/RHSA-2008-0937.html

External Source: MANDRIVA

Name: MDVSA-2008:211

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2008:211

External Source: GENTOO

Name: GLSA-200812-11

Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml

External Source: VUPEN

Name: ADV-2008-3401

Hyperlink:http://www.frsirt.com/english/advisories/2008/3401

External Source: VUPEN

Name: ADV-2008-2782

Type: Advisory

Hyperlink:http://www.frsirt.com/english/advisories/2008/2782

External Source: VUPEN

Name: ADV-2008-2780

Type: Advisory

Hyperlink:http://www.frsirt.com/english/advisories/2008/2780

External Source: DEBIAN

Name: DSA-1656

Hyperlink:http://www.debian.org/security/2008/dsa-1656

External Source: CONFIRM

Name: http://www.cups.org/str.php?L2911

Hyperlink:http://www.cups.org/str.php?L2911

External Source: CONFIRM

Name: http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm

Hyperlink:http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm

External Source: CONFIRM

Name: http://support.apple.com/kb/HT3216

Type: Advisory

Hyperlink:http://support.apple.com/kb/HT3216

External Source: SUNALERT

Name: 261088

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1

External Source: SECUNIA

Name: 33568

Hyperlink:http://secunia.com/advisories/33568

External Source: SECUNIA

Name: 33111

Hyperlink:http://secunia.com/advisories/33111

External Source: SECUNIA

Name: 33085

Hyperlink:http://secunia.com/advisories/33085

External Source: SECUNIA

Name: 32316

Type: Advisory

Hyperlink:http://secunia.com/advisories/32316

External Source: SECUNIA

Name: 32292

Type: Advisory

Hyperlink:http://secunia.com/advisories/32292

External Source: SECUNIA

Name: 32284

Type: Advisory

Hyperlink:http://secunia.com/advisories/32284

External Source: SECUNIA

Name: 32226

Type: Advisory

Hyperlink:http://secunia.com/advisories/32226

External Source: SECUNIA

Name: 32222

Type: Advisory

Hyperlink:http://secunia.com/advisories/32222

External Source: SECUNIA

Name: 32084

Type: Advisory

Hyperlink:http://secunia.com/advisories/32084

External Source: SUSE

Name: SUSE-SR:2009:002

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html

External Source: SUSE

Name: SUSE-SR:2008:021

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html

External Source: APPLE

Name: APPLE-SA-2008-10-09

Type: Advisory

Hyperlink:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

Vulnerable software and versions

Configuration 1

* cpe:/a:apple:cups:1.3.8 and previous versions

* cpe:/a:apple:cups:1.3.7

* cpe:/a:apple:cups:1.3.6

* cpe:/a:apple:cups:1.3.5

* cpe:/a:apple:cups:1.3.4

* cpe:/a:apple:cups:1.3.3

* cpe:/a:apple:cups:1.3.2

* cpe:/a:apple:cups:1.3.1

* cpe:/a:apple:cups:1.3.0

* cpe:/a:apple:cups:1.3:rc2

* cpe:/a:apple:cups:1.3:rc1

* cpe:/a:apple:cups:1.3:b1

* cpe:/a:apple:cups:1.2.12

* cpe:/a:apple:cups:1.2.11

* cpe:/a:apple:cups:1.2.10

* cpe:/a:apple:cups:1.2.9

* cpe:/a:apple:cups:1.2.8

* cpe:/a:apple:cups:1.2.7

* cpe:/a:apple:cups:1.2.6

* cpe:/a:apple:cups:1.2.5

* cpe:/a:apple:cups:1.2.4

* cpe:/a:apple:cups:1.2.3

* cpe:/a:apple:cups:1.2.2

* cpe:/a:apple:cups:1.2.1

* cpe:/a:apple:cups:1.2.0

* cpe:/a:apple:cups:1.2:rc3

* cpe:/a:apple:cups:1.2:rc2

* cpe:/a:apple:cups:1.2:rc1

* cpe:/a:apple:cups:1.2:b2

* cpe:/a:apple:cups:1.2:b1

* cpe:/a:apple:cups:1.1.23

* cpe:/a:apple:cups:1.1.23:rc1

* cpe:/a:apple:cups:1.1.22

* cpe:/a:apple:cups:1.1.22:rc2

* cpe:/a:apple:cups:1.1.22:rc1

* cpe:/a:apple:cups:1.1.21

* cpe:/a:apple:cups:1.1.21:rc1

* cpe:/a:apple:cups:1.1.21:rc2

* cpe:/a:apple:cups:1.1.20:rc6

* cpe:/a:apple:cups:1.1.20:rc5

* cpe:/a:apple:cups:1.1.20:rc4

* cpe:/a:apple:cups:1.1.20:rc3

* cpe:/a:apple:cups:1.1.20:rc2

* cpe:/a:apple:cups:1.1.20:rc1

* cpe:/a:apple:cups:1.1.20

* cpe:/a:apple:cups:1.1.19:rc5

* cpe:/a:apple:cups:1.1.19:rc4

* cpe:/a:apple:cups:1.1.19:rc3

* cpe:/a:apple:cups:1.1.19:rc2

* cpe:/a:apple:cups:1.1.19:rc1

* cpe:/a:apple:cups:1.1.19

* cpe:/a:apple:cups:1.1.18

* cpe:/a:apple:cups:1.1.17

* cpe:/a:apple:cups:1.1.16

* cpe:/a:apple:cups:1.1.15

* cpe:/a:apple:cups:1.1.14

* cpe:/a:apple:cups:1.1.13

* cpe:/a:apple:cups:1.1.12

* cpe:/a:apple:cups:1.1.11

* cpe:/a:apple:cups:1.1.10-1

* cpe:/a:apple:cups:1.1.10

* cpe:/a:apple:cups:1.1.9

* cpe:/a:apple:cups:1.1.9-1

* cpe:/a:apple:cups:1.1.8

* cpe:/a:apple:cups:1.1.7

* cpe:/a:apple:cups:1.1.6-3

* cpe:/a:apple:cups:1.1.6-2

* cpe:/a:apple:cups:1.1.6-1

* cpe:/a:apple:cups:1.1.6

* cpe:/a:apple:cups:1.1.5-2

* cpe:/a:apple:cups:1.1.5-1

* cpe:/a:apple:cups:1.1.5

* cpe:/a:apple:cups:1.1.4

* cpe:/a:apple:cups:1.1.3

* cpe:/a:apple:cups:1.1.2

* cpe:/a:apple:cups:1.1.1

* cpe:/a:apple:cups:1.1

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Resource Management Errors (CWE-399)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641