
SOT Linux Advisories: cups, ethereal


SOT Linux Security Advisory

Subject: Updated cups package for SOT Linux 2003
Advisory ID: SLSA-2003:50
Date: Friday, November 7, 2003
Product: SOT Linux 2003

1. Problem description

The Common UNIX Printing System (CUPS) provides a portable printing
layer for UNIX® operating systems.

The Internet Printing Protocol (IPP) implementation in CUPS versions
prior to 1.1.19 could get into a busy loop, which could result in a
denial of service. In order to exploit this bug an attacker would need
to be able to make a TCP connection to the IPP port (by default 631).
The Common Vulnerabilities and Exposures project has assigned the
name CAN-2003-0788 to this issue. An updated package with this issue
fixed is available for SOT Linux.
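The exploitation precondition given above is a TCP connection to the IPP port, so the first thing to check on a host that cannot be patched right away is where cupsd actually listens. The following POSIX shell script is an added example, not part of the SOT advisory or of the CUPS project: it writes two constructed cupsd.conf fragments (one serving IPP on every interface, one bound to loopback) and reports whether a given configuration lets other hosts reach the IPP port. Port, Listen, Location, Order, Allow and Deny are CUPS 1.1 directives; the file names and the cupsd_exposed function are this example's own.

```shell
#!/bin/sh
# Added example (not from the SOT advisory or the CUPS project).
# Reports whether a cupsd.conf lets remote hosts open a TCP connection to the
# IPP port, which is the precondition the advisory gives for CAN-2003-0788.
# Only Port/Listen matter for that question: <Location> access rules are
# applied to requests, i.e. after the TCP connection has been accepted.

# write_sample_configs DIR: write two constructed cupsd.conf fragments into DIR
write_sample_configs() {
    cat > "$1/cupsd-weak.conf" <<'EOF'
# Constructed example: IPP served on every interface of the host
Port 631
<Location />
Order Deny,Allow
Allow From All
</Location>
EOF
    cat > "$1/cupsd-hardened.conf" <<'EOF'
# Constructed example: IPP reachable from the local host only
Listen 127.0.0.1:631
<Location />
Order Deny,Allow
Deny From All
Allow From 127.0.0.1
</Location>
EOF
}

# listen_host VALUE: print the address part of a Listen value
# ("127.0.0.1:631" -> 127.0.0.1, "localhost:631" -> localhost, bare "631" -> *)
listen_host() {
    case "$1" in
        *:*) printf '%s\n' "${1%:*}" ;;
        *)   printf '*\n' ;;
    esac
}

# cupsd_exposed CONFFILE: exit 0 if any Port or Listen directive binds an
# address other than loopback, 1 if every binding is loopback (or there is none)
cupsd_exposed() {
    exposed=1
    while read -r directive value _; do
        case "$directive" in
            ""|\#*) continue ;;                     # blank line or comment
            [Pp][Oo][Rr][Tt]) exposed=0 ;;          # Port N binds every interface
            [Ll][Ii][Ss][Tt][Ee][Nn])
                case "$(listen_host "$value")" in
                    127.*|localhost|::1|\[::1\]) ;; # loopback only: fine
                    *) exposed=0 ;;                 # named interface or "*"
                esac
                ;;
        esac
    done < "$1"
    return "$exposed"
}

# report CONFFILE: human-readable verdict for one configuration file
report() {
    if cupsd_exposed "$1"; then
        echo "EXPOSED  $1: IPP port reachable from other hosts; patch or rebind to loopback"
    else
        echo "LOCAL    $1: IPP port bound to loopback only"
    fi
}

# Demonstration on the two constructed fragments (assumes a writable TMPDIR or /tmp)
demo_dir=${TMPDIR:-/tmp}/cups-listen-check.$$
mkdir -p "$demo_dir"
write_sample_configs "$demo_dir"
report "$demo_dir/cupsd-weak.conf"
report "$demo_dir/cupsd-hardened.conf"
rm -r "$demo_dir"
```

Run it against the real file with `report /etc/cups/cupsd.conf`. A LOCAL verdict does not remove the need for the update: local users can still open the connection, and a packet filter in front of port 631 is the equivalent control for a host that has to serve remote printing until it is patched.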

2. Updated packages

SOT Linux 2003 Desktop:

i386:

ftp://ftp.sot.com/updates/2003/Desktop/i386/cups-libs-1.1.20rc5-14.i386.rpm
ftp://ftp.sot.com/updates/2003/Desktop/i386/cups-1.1.20rc5-14.i386.rpm
ftp://ftp.sot.com/updates/2003/Desktop/i386/cups-devel-1.1.20rc5-14.i386.rpm

SRPMS:

ftp://ftp.sot.com/updates/2003/Desktop/SRPMS/cups-1.1.20rc5-14.src.rpm

SOT Linux 2003 Server:

i386:

ftp://ftp.sot.com/updates/2003/Server/i386/cups-libs-1.1.20rc5-14.i386.rpm

SRPMS:

ftp://ftp.sot.com/updates/2003/Server/SRPMS/cups-1.1.20rc5-14.src.rpm

3. Upgrading package

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

Use up2date to automatically upgrade the fixed packages.

If you want to upgrade manually, download the updated package
from the SOT Linux FTP site (use the links above) or from one of
our mirrors. The list of mirrors can be obtained at www.sot.com/en/linux

Update the package with the following command:

    rpm -Uvh <filename>

4. Verification

All packages are PGP signed by SOT for security.

You can verify the signature of each package with the following command:

    rpm --checksig <filename>

If you wish to verify the integrity of the downloaded package,
run “md5sum <filename>” and compare the output with data
given below.

Package Name                                     MD5 sum

/Desktop/i386/cups-1.1.20rc5-14.i386.rpm         da57844da8e4afee7b0d2b0a946bf745
/Desktop/i386/cups-libs-1.1.20rc5-14.i386.rpm    a767b375e57893f41fb9d9f38d9f5f31
/Desktop/i386/cups-devel-1.1.20rc5-14.i386.rpm   f5b59a0c6ad7d5c28d6a1c1028848250
/Desktop/SRPMS/cups-1.1.20rc5-14.src.rpm         21e5693748960d714f82e209da36c6c6
/Server/i386/cups-libs-1.1.20rc5-14.i386.rpm     a767b375e57893f41fb9d9f38d9f5f31
/Server/SRPMS/cups-1.1.20rc5-14.src.rpm          21e5693748960d714f82e209da36c6c6

5. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0788
http://www.cups.org/str.php?L315+P0+S0+C0+I0+E0+Q

Copyright(c) 2001-2003 SOT


SOT Linux Security Advisory

Subject: Updated ethereal package for SOT Linux 2003
Advisory ID: SLSA-2003:51
Date: Tuesday, November 11, 2003
Product: SOT Linux 2003

1. Problem description

Ethereal is a network traffic analyzer for the GNU/Linux operating
system.

A number of security issues affect Ethereal. By exploiting these
issues, it may be possible to make Ethereal crash or run arbitrary
code by injecting a purposefully-malformed packet onto the wire or
by convincing someone to read a malformed packet trace file.

CAN-2003-0925: A buffer overflow in Ethereal 0.9.15 and earlier
allows remote attackers to cause a denial of service and possibly
execute arbitrary code via a malformed GTP MSISDN string.

CAN-2003-0926: Ethereal 0.9.15 and earlier allows remote
attackers to cause a denial of service (crash) via certain
malformed ISAKMP or MEGACO packets.

CAN-2003-0927: A heap-based buffer overflow in Ethereal 0.9.15
and earlier allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via the SOCKS
dissector.

Users of Ethereal should update to these errata packages, which
contain Ethereal version 0.9.16 and are not vulnerable to these
issues.

2. Updated packages

SOT Linux 2003 Server:

i386:

ftp://ftp.sot.com/updates/2003/Server/i386/ethereal-base-0.9.16-3.i386.rpm
ftp://ftp.sot.com/updates/2003/Server/i386/ethereal-gtk+-0.9.16-3.i386.rpm
ftp://ftp.sot.com/updates/2003/Server/i386/ethereal-kde-0.9.16-3.i386.rpm
ftp://ftp.sot.com/updates/2003/Server/i386/ethereal-usermode-0.9.16-3.i386.rpm

SRPMS:

ftp://ftp.sot.com/updates/2003/Server/SRPMS/ethereal-0.9.16-3.src.rpm

3. Upgrading package

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

Use up2date to automatically upgrade the fixed packages.

If you want to upgrade manually, download the updated package
from the SOT Linux FTP site (use the links above) or from one of
our mirrors. The list of mirrors can be obtained at www.sot.com/en/linux

Update the package with the following command:

    rpm -Uvh <filename>

4. Verification

All packages are PGP signed by SOT for security.

You can verify the signature of each package with the following command:

    rpm --checksig <filename>

If you wish to verify the integrity of the downloaded package,
run “md5sum <filename>” and compare the output with data
given below.

Package Name                                       MD5 sum

/Server/i386/ethereal-base-0.9.16-3.i386.rpm       288e8fd77523606d3026f51ab2b7fe15
/Server/i386/ethereal-gtk+-0.9.16-3.i386.rpm       d1fe21bc98bb56c25c162a764f46f43e
/Server/i386/ethereal-kde-0.9.16-3.i386.rpm        9aa31e0efc23bcf939dffc4ca1ff689b
/Server/i386/ethereal-usermode-0.9.16-3.i386.rpm   80cc334691db1a2ad346ce172efe5b69
/Server/SRPMS/ethereal-0.9.16-3.src.rpm            52bb8aaac353b64f5a280118c5769b4c
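Sections 3 and 4 of both advisories (cups and ethereal) describe the same manual procedure: download, compare the MD5 sum with the published table, check the PGP signature with rpm --checksig, then install with rpm -Uvh. The following POSIX shell script is an added example, not part of either SOT advisory, that carries the procedure out in the order a practitioner should: nothing is installed until every package has passed both checks. It assumes GNU coreutils md5sum, a checksum list file with one "<path> <md5>" pair per line copied from section 4 of an advisory, and that SOT's public key has been imported into the rpm keyring beforehand. The function names and the stand-in package contents in the demonstration are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the SOT advisories): verify downloaded update
# packages against the advisory's MD5 table, then against the vendor's PGP
# signature with rpm --checksig, and only then install them with rpm -Uvh.
# Assumptions: GNU coreutils md5sum; LISTFILE holds one "<path> <md5>" pair per
# line as printed in section 4 of an advisory; the vendor key has already been
# imported with rpm --import so that signatures can be validated.

# md5_of FILE: print the hex MD5 digest of FILE
md5_of() {
    md5sum "$1" | cut -d' ' -f1
}

# verify_md5 FILE EXPECTED: 0 if the digest of FILE equals EXPECTED (either case)
verify_md5() {
    [ -f "$1" ] || return 1
    actual=$(md5_of "$1")
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$actual" = "$expected" ]
}

# list_files DIR LISTFILE: print DIR/<basename of path> for each list entry
list_files() {
    while read -r path _; do
        case "$path" in ""|\#*) continue ;; esac
        printf '%s\n' "$1/$(basename "$path")"
    done < "$2"
}

# verify_list DIR LISTFILE: check each "<path> <md5>" line of LISTFILE against
# DIR/<basename of path>; print one status line per package; return the number
# of packages that are missing or do not match (0 means everything verified)
verify_list() {
    failures=0
    while read -r path md5 _; do
        case "$path" in ""|\#*) continue ;; esac
        file="$1/$(basename "$path")"
        if [ ! -f "$file" ]; then
            echo "MISSING  $path"
            failures=$((failures + 1))
        elif verify_md5 "$file" "$md5"; then
            echo "OK       $path"
        else
            echo "MISMATCH $path"
            failures=$((failures + 1))
        fi
    done < "$2"
    return "$failures"
}

# install_verified DIR LISTFILE: install the listed packages from DIR only if
# every MD5 matches and rpm --checksig accepts every signature
install_verified() {
    command -v rpm > /dev/null || { echo "rpm not found"; return 2; }
    verify_list "$1" "$2" || { echo "aborting: $? package(s) failed MD5 verification"; return 1; }
    for file in $(list_files "$1" "$2"); do
        # Any non-zero exit (bad signature, or a key rpm does not know) means
        # the package could not be tied to the vendor and must not be installed.
        rpm --checksig "$file" || { echo "aborting: signature of $file did not verify"; return 1; }
    done
    rpm -Uvh $(list_files "$1" "$2")
}

# Demonstration on constructed stand-ins (not real packages): one file whose
# content does not match the advisory's published sum, one that matches its list entry
demo_dir=${TMPDIR:-/tmp}/sot-verify-demo.$$
mkdir -p "$demo_dir"
printf 'hello\n' > "$demo_dir/cups-1.1.20rc5-14.i386.rpm"   # stand-in for a corrupted download
: > "$demo_dir/cups-libs-1.1.20rc5-14.i386.rpm"             # stand-in whose sum is listed below
printf '%s\n' '/Desktop/i386/cups-1.1.20rc5-14.i386.rpm da57844da8e4afee7b0d2b0a946bf745' \
    '/Desktop/i386/cups-libs-1.1.20rc5-14.i386.rpm d41d8cd98f00b204e9800998ecf8427e' > "$demo_dir/cups.list"
if verify_list "$demo_dir" "$demo_dir/cups.list"; then
    echo "all packages verified; install_verified would now run rpm --checksig and rpm -Uvh"
else
    echo "$? package(s) failed verification; nothing installed"
fi
rm -r "$demo_dir"
```

The two checks do different jobs. The MD5 table is published on the same FTP site as the packages, so it catches a corrupted or truncated download but not a substituted one: whoever can replace an RPM on a mirror can publish a matching sum alongside it, and MD5 is in any case no longer collision resistant. The PGP signature is what ties a package to SOT, which is why the script refuses to install when rpm --checksig fails, and why SOT's public key has to be imported from a trusted source first; without it no signature can be validated and every package is rejected.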

5. References

http://www.ethereal.com/appnotes/enpa-sa-00011.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0925

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0926

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0927

Copyright(c) 2001-2003 SOT
