Signature Detail

APP: Apple CUPS gif_read_lzw Heap Buffer Overflow

This signature detects attempts to exploit a known vulnerability in Common Unix Printing System (CUPS). A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.

Extended Description

CUPS is prone to a heap-based buffer-overflow vulnerability because of a failure to properly bounds-check user-supplied data. Successful exploits will allow attackers to execute arbitrary code in the context of the affected application; failed exploit attempts may cause denial-of-service conditions. CUPS 1.4.8 is vulnerable. Other versions may also be affected.

Affected Products

• Debian linux 6.0 amd64
• Debian linux 6.0 arm
• Debian linux 6.0 ia-32
• Debian linux 6.0 ia-64
• Debian linux 6.0 mips
• Debian linux 6.0 powerpc
• Debian linux 6.0 s/390
• Debian linux 6.0 sparc
• Easy_software_products cups 1.4.8
• Gentoo linux
• Mandriva enterprise_server 5
• Mandriva enterprise_server 5 X86 64
• Mandriva linux_mandrake 2009.0
• Mandriva linux_mandrake 2009.0 X86 64
• Mandriva linux_mandrake 2010.1
• Mandriva linux_mandrake 2010.1 X86 64
• Mandriva linux_mandrake 2011
• Mandriva linux_mandrake 2011 x86_64
• Ubuntu ubuntu_linux 10.04 Amd64
• Ubuntu ubuntu_linux 10.04 ARM
• Ubuntu ubuntu_linux 10.04 I386
• Ubuntu ubuntu_linux 10.04 Powerpc
• Ubuntu ubuntu_linux 10.04 Sparc
• Ubuntu ubuntu_linux 10.10 amd64
• Ubuntu ubuntu_linux 10.10 ARM
• Ubuntu ubuntu_linux 10.10 i386
• Ubuntu ubuntu_linux 10.10 powerpc
• Ubuntu ubuntu_linux 11.04 amd64
• Ubuntu ubuntu_linux 11.04 ARM
• Ubuntu ubuntu_linux 11.04 i386
• Ubuntu ubuntu_linux 11.04 powerpc
• Ubuntu ubuntu_linux 8.04 LTS Amd64
• Ubuntu ubuntu_linux 8.04 LTS I386
• Ubuntu ubuntu_linux 8.04 LTS Lpia
• Ubuntu ubuntu_linux 8.04 LTS Powerpc
• Ubuntu ubuntu_linux 8.04 LTS Sparc

References

• BugTraq: 49323
• CVE: CVE-2011-3170