Update Protection against Apple CUPS IPP Use-after-free Memory Corruption Vulnerability
| Check Point Reference: | CPAI-2011-091 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA42219 | |
| Industry Reference(s): | CVE-2010-2941 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Apple Computer Common UNIX Printing System (CUPS) 1.4.4 and prior | ||
| Vulnerability Description A use-after-free memory corruption vulnerability has been reported in the implementation of Internet Printing Protocol (IPP) of the Common Unix Printing System (CUPS). CUPS is a modular printing system for Unix-like operating systems that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer. A remote attacker may exploit this vulnerability to execute arbitrary code on a vulnerable system. |
||
|
Update/Patch Available The vendor, Red Hat, has released an advisory addressing this vulnerability. |
|
|
Vulnerability Details This vulnerability is caused by improper handling of memory allocations and deallocations for multiple-valued attributes that have their values typed differently. A remote attacker can exploit this issue by specially crafting a request to a CUPS server using the IPP protocol. Successful exploitation of this vulnerability can result in execution of arbitrary code on the vulnerable system and may result in a denial of service condition. |
Protection Overview
This protection will detect and block malicious CUPS requests sent to the vulnerable system.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.