Slashdot Mirror

← Back to Stories (view on slashdot.org)

CUPS Security Vulnerabilities

Posted by CowboyNeal on from the leaving-the-door-open dept.

Buck Naked writes "A slew of vulnerabilities was discovered in CUPS, from the advisory: 'Exploitation of multiple CUPS vulnerabilities allow local and remote attackers in the worst of the scenarios to gain root privileges...' The full advisory can be found at iDEFENSE."

9 of 155 comments (clear)

  1. Same shit, different daemon... by norculf · · Score: 5, Insightful

    Common sense applies. The outside world doesn't need access to your printers, so firewall it and remember to patch it once in a while and you might be safe...

  2. Thanks CowboyNeal and poster by mao+che+minh · · Score: 5, Insightful

    While many might chime in here saying this story would be better suited on security sites, I for one just heard about it now. I also plugged about 3 vulnerabilities because of it.

  3. Patches out, you can relax by Erore · · Score: 5, Informative

    http://www.cups.org/news.php?V87

    Whew, I feel much safer now. It's always nice that someone feels ownership for the code, thus that someone takes quick action and fixes the problems. Thank you Michael Sweet for a great print system and quick action.

  4. Vendor notes... by Anonymous Coward · · Score: 5, Informative


    Michael Sweet [mike@easysw.com] of Easy Software Products said CUPS 1.1.18 will be released December 19, 2002 which addresses all of these issues (http://www.cups.org).

    Mark J Cox (mjc@redhat.com) of Red Hat said the following:

    "Red Hat Linux 7.3 and 8.0 ship with CUPS, however it is not enabled by default. We are currently working on producing erratum packages. When complete, these will be available along with our advisory. At the same time, users of the Red Hat Network will be able to update their systems
    using the 'up2date' tool."

    Richard Blanchard (rblanchard@apple.com) of Apple said the following:

    "Affected Systems:
    Mac OS X 10.2 - Mac OS X 10.2.2
    Mac OS X Server 10.2 - Mac OS X Server 10.2.2

    Mitigating Factors:

    The described vulnerability can be remotely exploited only when Printer Sharing is enabled. Printer Sharing is not enabled by default on Mac OS X or Mac OS X Server.

    Fixed in: Mac OS X 10.2.3 and Mac OS X Server 10.2.3"

  5. CUPS is still the best solution by jaymzter · · Score: 5, Insightful

    CUPS, as far as I'm concerned is the killer app for printing in the *nix world. And just like another poster mentioned, why on earth would someone not be firewalling their printer? So once again it comes down to the competency of the system administrator. As for the MS trolls out there who will use this as an excuse to pan OSS, I'd like to point out that at least with CUPS and projects like it we won't have to wait for the maintainers to admit there's a problem, and then wait a month or more for a fix. This is news only in that security vulnerabilities need to be dissemenated as widely as possible

    --
    If thou see a fair woman pay court to her, for thus thou wilt obtain love
    1. Re:CUPS is still the best solution by berzerke · · Score: 5, Informative

      ...why on earth would someone not be firewalling their printer?



      In addition to the firewalling, cups can also be portwalled too (see http://www.spotswood-computer.net/portwalling.html for details on this concept). Make sure it's not listening on an internet interface (which it would by default). Assuming your internal interface is 192.168.1.1, comment out the lines

      Port 80
      Port 631
      and replace them with
      Listen 192.168.1.1:631
      Listen 192.168.1.1:80
      and restart the service. Warning: The cups init.d script in Mandrake (at least) will make changes to your configuration file, resulting in cups failing to start if you make the changes listed here. Edit the script and stop it from making the changes before you restart.

  6. Mac Users OK by mattvd · · Score: 5, Informative
    From the linked article:
    "Fixed in: Mac OS X 10.2.3 and Mac OS X Server 10.2.3"
    Apple just released 10.2.3 today.
  7. Not really news - CUPS vulnerabilities endemic by commodoresloat · · Score: 5, Funny

    CUPS have always had known vulnerabilities; they need them to operate effectively. What do you expect when you have a giant hole on one end of the things? But if you plug up the hole, you can't drink out of them. Thus, CUPS will always be vulnerable.

  8. "Slew?" by printman · · Score: 5, Informative

    OK, for folks that haven't read the advisory, a "slew" is apparently 9.

    Of those 9, only *1* of the issues could possibly be used to gain root access, and it depends entirely on the CUPS release, compiler, etc. you use, and for the exploit to work remotely you have to change the default CUPS configuration.

    Issue 6 was fixed back in CUPS 1.1.15 (released in June) and is old news.

    All but one issue was fixed within a few hours of the report, and the current CUPS release (1.1.18) does not have any of these vulnerabilities.

    --
    I print, therefore I am.