Intrusion PreventionCUPS.GIF.Decoding.Routine.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer-overflow vulnerability in CUPS.
The vulnerability is caused by a boundary error in the handling of malformed GIF files and may be exploited by remote attackers to compromise a vulnerable system or cause denial of service.
Affected Products
Ubuntu Ubuntu Linux 7.10
Ubuntu Ubuntu Linux 7.04
Ubuntu Ubuntu Linux 6.10
Ubuntu Ubuntu Linux 6.06
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 11 x64
Turbolinux Turbolinux Server 11
Turbolinux Turbolinux Server 10.0.0 x64
TurboLinux Personal
TurboLinux Multimedia
Turbolinux FUJI 0
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
Turbolinux Appliance Server 1.0 Workgroup Edition
Turbolinux Appliance Server 1.0 Hosting Edition
Turbolinux Appliance Server 3.0 x64
Turbolinux Appliance Server 3.0
Turbolinux Appliance Server 2.0
Slackware Linux 12.0
S.u.S.E. SUSE Linux Enterprise Server 10 SP1
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
rPath rPath Linux 1
RedHat Fedora 8 0
RedHat Fedora 7 0
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux 5 server
RedHat Desktop 4.0
RedHat Desktop 3.0
MandrakeSoft Linux Mandrake 2008.0 x86_64
MandrakeSoft Linux Mandrake 2008.0
MandrakeSoft Linux Mandrake 2007.1 x86_64
MandrakeSoft Linux Mandrake 2007.1
MandrakeSoft Linux Mandrake 2007.0 x86_64
MandrakeSoft Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
Gentoo net-print/cups 1.2.12-r6
Easy Software Products CUPS 1.3.6
Impact
System Compromise
Denial of Service
Recommended Actions
Apply the patch from the vendor provided in this link:
http://www.cups.org/str.php?L2765
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2018-10-16 | 13.473 | Sig Added |
| ID | 15719 |
| Created | Aug 08, 2008 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2008-1373 |
| Exploit Prediction Score | 95.4% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |