Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > November 2005 > SCO Security Advisory: SCOSA-2005.51 - OpenServer 5.0.7 OpenServer 6.0.0 : CUPS Denial of Service Vulnerability

November 2005

SCO Security Advisory: SCOSA-2005.51 - OpenServer 5.0.7 OpenServer 6.0.0 : CUPS Denial of Service Vulnerability

ID: 01048
Ref: 983/2005
Date: 25 November 2005:11:10:37
Version: 1
Title: SCO Security Advisory: SCOSA-2005.51 - OpenServer 5.0.7 OpenServer 6.0.0 : CUPS Denial of Service Vulnerability
Abstract: A remote user can cause the CUPS service to hang and consume all available CPU resources. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2874 to this issue.
Vendors affected: SCO
Operating systems affected: SCO
Applications affected: SCO
Title
=====

SCO Security Advisory: SCOSA-2005.51 - OpenServer 5.0.7 OpenServer 6.0.0 :
CUPS Denial of Service Vulnerability

Detail
======

A remote user can cause the CUPS service to hang and consume all available
CPU resources.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CVE-2005-2874 to this issue.


*** PGP SIGNATURE VERIFICATION ***
*** Status: Unknown Signature
*** Signer: Unknown Key (0xB8A9AE21)
*** Signed: 24/11/2005 15:33:24
*** Verified: 25/11/2005 09:07:59
*** BEGIN PGP VERIFIED MESSAGE ***

______________________________________________________________________________

SCO Security Advisory

Subject: OpenServer 5.0.7 OpenServer 6.0.0 : CUPS Denial of Service
Vulnerability
Advisory number: SCOSA-2005.51
Issue date: 2005 November 24
Cross reference: fz533150
sr891399 fz530152 erg712687
CVE-2004-0558 CVE-2005-2874

______________________________________________________________________________


1. Problem Description

A remote user can cause the CUPS service to hang and consume all
available CPU resources.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2005-2874 to this issue.

The OpenServer 5.0.7 CUPS is additionally vulnerable to the
following:

CUPS versions prior to 1.1.21 are vulnerable to a denial of
service attack. By sending a specially-crafted UDP packet to the
IPP port, a remote attacker could cause a denial of service.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2004-0558 to this issue.


2. Vulnerable Supported Versions

System Binaries
----------------------------------------------------------------------
OpenServer 5.0.7 cups distribution
OpenServer 6.0.0 cups distribution


3. Solution

The proper solution is to install the latest packages.


4. OpenServer 5.0.7

4.1 Location of Fixed Binaries

The fixes are only available in SCO OpenServer Release 5.0.7
Maintenance Pack 4 or later.

ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4_vol.tar


4.2 Verification

MD5 (osr507mp4_vol.tar) = 4c87d840ff5b43221258547d19030228

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


4.3 Installing Fixed Binaries

See the SCO OpenServer Release 5.0.7 Maintenance Pack 4 Release
and Installation Notes:

ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm


5. OpenServer 6.0.0

5.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.51


5.2 Verification

MD5 (VOL.000.000) = 99663199247aa130ffe9c3bfa4a349db

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


5.3 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

1) Download the VOL* files to a directory.

2) Run the custom command, specify an install
from media images, and specify the directory as
the location of the images.


6. References

Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2874
http://securitytracker.com/id?1012811
http://www.cups.org/relnotes.php#010123
http://www.cups.org/str.php?L1042+P0+S-1+C0+I0+E0+Q1042
http://xforce.iss.net/xforce/xfdb/17389

SCO security resources:
http://www.sco.com/support/security/index.html

SCO security advisories via email
http://www.sco.com/support/forums/security.html

This security fix closes SCO incidents fz533150 sr891399
fz530152 erg712687.


7. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.


______________________________________________________________________________

*** END PGP VERIFIED MESSAGE ***
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |