Created at 09:00 May 27, 2003 by mike, last modified at 10:41 May 27, 2003
A denial of service attack vulnerability, STR #75, was discovered and reported by Red Hat which allows a malicious user to block the CUPS scheduler while servicing a request, effectively preventing other users from accessing the scheduler. This vulnerability exists for both local and remote accesses to all CUPS versions up to and including 1.1.19rc3.
A patch for CUPS 1.1.18 is available on the STR page. CUPS 1.1.19rc4 and higher do not contain this vulnerability and do not require any additional patches. Download · Home Page · Listing
Have the sources that are available now for 1.1.18 been patched? Reply
No, you need to apply the patch for 1.1.18 if you download the 1.1.18 sources.
However, if you download 1.1.19 you don't need the patch. Reply
If there is a 1.1.19, why are the 1.1.19rc's being added to? Reply
They aren't - some of the 1.1.19 release candidates contained the fix, some didn't. Get the final 1.1.19 release... Reply
it's very hard to avoid this case for current CUPS implementation. blocking socket and one big select().
If a client open a socket to a CUPS server and send a "POST" do not send other thing and do not close socket, the CUPS server will hang there. Reply