In association with heise online

19 March 2008, 13:40

CUPS print service executes injected code

Version 1.3.6 of the CUPS print service and prior releases contain a security vulnerability. The security hole allows attackers to inject and execute code using a specially crafted request to the print service.

In its standard configuration, CUPS monitors TCP port 631 for incoming connections. If a printer is shared on a computer, generally anyone on the LAN has access to it. According to an advisory by security service provider iDefense, attackers can use undisclosed crafted requests to the service to trigger a buffer overflow and execute malicious code. If CUPS is only running locally without printer sharing, local users can use the vulnerability to increase their permissions.

Apple, the current owner of CUPS, has updated the printer service under Mac OS X with its release today of Update 2008-002. Linux distributors should release their updated packages soon. Once the distributor offers the update, administrators should apply it as soon as possible.
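Until the update is installed, an administrator can sort hosts into the two exposure cases described above. The following is an added example, not code from the advisory or from CUPS: it assumes the installed version string is supplied by the administrator and that the configuration text comes from cupsd.conf, and the function names and sample configuration are constructed for illustration.

```python
import re

LAST_AFFECTED = (1, 3, 6)  # per the article: 1.3.6 and prior releases

def is_affected(version: str) -> bool:
    """True if a CUPS version string such as '1.3.5' is 1.3.6 or earlier."""
    nums = [int(n) for n in re.findall(r"\d+", version)[:3]]
    nums += [0] * (3 - len(nums))
    return tuple(nums) <= LAST_AFFECTED

def network_listeners(conf_text: str) -> list[str]:
    """Return Listen/Port directives that accept connections from other hosts."""
    exposed = []
    for raw in conf_text.splitlines():
        parts = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1]
        if key == "port":
            exposed.append(" ".join(parts))  # Port binds every interface
        elif key == "listen" and not value.startswith("/"):  # skip Unix sockets
            if value.startswith("["):
                host = value[1:].split("]")[0]  # bracketed IPv6 literal
            else:
                host = value.rsplit(":", 1)[0]
            if host.lower() not in ("localhost", "127.0.0.1", "::1"):
                exposed.append(" ".join(parts))
    return exposed

def assess(version: str, conf_text: str) -> str:
    """Map a host onto the two exposure cases the article describes."""
    if not is_affected(version):
        return "not-affected"
    # "remote": reachable from the LAN; "local": only local users can reach it
    return "remote" if network_listeners(conf_text) else "local"

# Constructed sample configuration, not taken from a real host.
SAMPLE_CONF = """\
Listen localhost:631
Listen /var/run/cups/cups.sock
Listen 192.168.1.10:631   # shared on the LAN
Browsing On
"""

if __name__ == "__main__":
    print(assess("1.3.5", SAMPLE_CONF), network_listeners(SAMPLE_CONF))
```

A distributor's package may carry the fix without changing the upstream version number, so treat an "affected" result as a prompt to check the distributor's advisory.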
