CUPS Vulnerabilities

CVE-2001-0194

Impact

If this vulnerability is present, a local or remote attacker could gain root privileges on the server.

Background

The Common UNIX Printing System (CUPS) is a print server which can be used as an alternative to lpr or LPRng.

The Problem

Several buffer overflows and insecure file handling could allow a local or remote attacker to gain root privileges on the server.

Resolution

Download the latest version of CUPS. Alternatively, a temporary workaround would be to remove the set-userid bit from the lppasswd program:

    chmod u-s /usr/bin/lppasswd

As an additional precaution, access to port 631/TCP from outside the network should be denied.
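
A check that both mitigations above took effect, written as an added example (it is not part of the original advisory or of CUPS). The function names and the sample listener table are constructed, and the listener input is assumed to be in the format printed by `ss -ltn`.

```shell
#!/bin/sh
# Added example: verify the two mitigations from the Resolution section.
# Function names and the sample listener table are constructed for this check.

# True if FILE exists and still carries the set-user-ID bit.
has_setuid() {
    [ -f "$1" ] && [ -u "$1" ]
}

# Read `ss -ltn`-style lines on stdin and print every local address where
# port 631 listens on something other than loopback. Such a listener relies
# on a packet filter to keep 631/TCP closed to hosts outside the network.
exposed_ipp_listeners() {
    awk '$1 == "LISTEN" {
        addr = $4
        n = split(addr, parts, ":")
        port = parts[n]
        host = substr(addr, 1, length(addr) - length(port) - 1)
        if (port == "631" && host != "127.0.0.1" && host != "[::1]")
            print addr
    }'
}

# Constructed sample of listening sockets (not captured from a real host).
sample_listeners() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      5      127.0.0.1:631      0.0.0.0:*
LISTEN 0      5      0.0.0.0:631        0.0.0.0:*
LISTEN 0      5      [::1]:631          [::]:*
LISTEN 0      5      [::]:631           [::]:*
EOF
}

# Audit one lppasswd path plus a listener table on stdin.
# Returns the number of findings (0 means both mitigations hold).
cups_audit() {
    findings=0
    if has_setuid "$1"; then
        echo "FAIL: $1 is still setuid; run: chmod u-s $1"
        findings=$((findings + 1))
    fi
    exposed=$(exposed_ipp_listeners)
    if [ -n "$exposed" ]; then
        echo "WARN: 631/TCP listening beyond loopback:" $exposed
        findings=$((findings + 1))
    fi
    return "$findings"
}
```

On a live host the same audit runs as `ss -ltn | cups_audit /usr/bin/lppasswd`, using the lppasswd path given above.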

Where can I read more about this?

This vulnerability was announced in SuSE Security Announcement 2001:05.