MDVSA-2008:036 -- Mandriva cupsID: oval:org.secpod.oval:def:301624 | Date: (C)2012-01-07 (M)2021-06-02 |
Class: PATCH | Family: unix |
Wei Wang found that the SNMP discovery backend in CUPS did not correctly calculate the length of strings. If a user could be tricked into scanning for printers, a remote attacker could send a specially crafted packet and possibly execute arbitrary code . As well, the fix for CVE-2007-0720 in MDKSA-2007:086 caused another denial of service regression within SSL handling . The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2007.0 |
Mandriva Linux 2007.1 |
Mandriva Linux 2008.0 |