ID CVE-2007-0720
Summary The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.
References
Vulnerable Configurations
  • Cups
    cpe:2.3:a:cups:cups
CVSS
Base: 5.0 (as of 14-03-2007 - 09:24)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201412-11.NASL
    description The remote host is affected by the vulnerability described in GLSA-201412-11 (AMD64 x86 emulation base libraries: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute arbitrary code, cause a Denial of Service condition, or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2016-11-11
    plugin id 79964
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79964
    title GLSA-201412-11 : AMD64 x86 emulation base libraries: Multiple vulnerabilities (Heartbleed)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0123.NASL
    description From Red Hat Security Advisory 2007:0123 : Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. A bug was found in the way CUPS handled SSL negotiation. A remote user capable of connecting to the CUPS daemon could cause a denial of service to other CUPS users. (CVE-2007-0720) All users of CUPS should upgrade to these updated packages, which contain a backported patch introducing a timeout, which prevents connections being kept open for an arbitrarily long time.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67462
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67462
    title Oracle Linux 3 / 4 / 5 : cups (ELSA-2007-0123)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_4_9.NASL
    description The remote host is running a version of Mac OS X 10.4 which is older than version 10.4.9 or a version of Mac OS X 10.3 which does not have Security Update 2007-003 applied. This update contains several security fixes for the following programs : - ColorSync - CoreGraphics - Crash Reporter - CUPS - Disk Images - DS Plugins - Flash Player - GNU Tar - HFS - HID Family - ImageIO - Kernel - MySQL server - Networking - OpenSSH - Printing - QuickDraw Manager - servermgrd - SMB File Server - Software Update - sudo - WebLog
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 24811
    published 2007-03-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24811
    title Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CUPS-3136.NASL
    description By keeping a partially negotiated SSL connection open an attacker could prevent the cups server from accepting other requests (CVE-2007-0720).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27192
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27192
    title openSUSE 10 Security Update : cups (cups-3136)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CUPS-3715.NASL
    description The previous cups update (CVE-2007-0720) was incomplete and could lead to cupsd crashing.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27193
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27193
    title openSUSE 10 Security Update : cups (cups-3715)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0123.NASL
    description Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. A bug was found in the way CUPS handled SSL negotiation. A remote user capable of connecting to the CUPS daemon could cause a denial of service to other CUPS users. (CVE-2007-0720) All users of CUPS should upgrade to these updated packages, which contain a backported patch introducing a timeout, which prevents connections being kept open for an arbitrarily long time.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 25065
    published 2007-04-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25065
    title RHEL 3 / 4 / 5 : cups (RHSA-2007:0123)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_39988EE8191811DCB6BD0016179B2DD5.NASL
    description Secunia reports : CUPS is not using multiple workers to handle connections. This can be exploited to stop CUPS from accepting new connections by starting but never completing an SSL negotiation.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 25512
    published 2007-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25512
    title FreeBSD : cups -- Incomplete SSL Negotiation Denial of Service (39988ee8-1918-11dc-b6bd-0016179b2dd5)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200703-28.NASL
    description The remote host is affected by the vulnerability described in GLSA-200703-28 (CUPS: Denial of Service) CUPS does not properly handle partially-negotiated SSL connections. Upon receiving a partially-negotiated SSL connection, CUPS no longer accepts further incoming connections, as the initial connection never times out. Impact : An attacker could partially negotiate an SSL connection with a CUPS server, and cause future connections to that server to fail, resulting in a Denial of Service. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 24933
    published 2007-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24933
    title GLSA-200703-28 : CUPS: Denial of Service
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-1219.NASL
    description Security fix update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 24820
    published 2007-03-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24820
    title Fedora Core 5 : cups-1.2.8-1.fc5 (2007-1219)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CUPS-3137.NASL
    description By keeping a partially negotiated SSL connection open an attacker could prevent the cups server from accepting other requests. (CVE-2007-0720)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29410
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29410
    title SuSE 10 Security Update : CUPS (ZYPP Patch Number 3137)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-086.NASL
    description A flaw was discovered in how CUPS handled SSL negotiation that could allow a remote attacker capable of connecting to the CUPS daemon to cause a DoS to other CUPS users. Updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 25064
    published 2007-04-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25064
    title Mandrake Linux Security Advisory : cups (MDKSA-2007:086)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-3100.NASL
    description This update fixes several PDF handling security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28162
    published 2007-11-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28162
    title Fedora 7 : cups-1.2.12-7.fc7 (2007-3100)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0123.NASL
    description Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. A bug was found in the way CUPS handled SSL negotiation. A remote user capable of connecting to the CUPS daemon could cause a denial of service to other CUPS users. (CVE-2007-0720) All users of CUPS should upgrade to these updated packages, which contain a backported patch introducing a timeout, which prevents connections being kept open for an arbitrarily long time.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 25041
    published 2007-04-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25041
    title CentOS 3 / 4 / 5 : cups (CESA-2007:0123)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-2982.NASL
    description This update fixes a remote code execution vulnerability in the IPP handling part of the CUPS scheduler, as well as several PDF handling security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-12-08
    plugin id 27822
    published 2007-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27822
    title Fedora 8 : cups-1.3.4-2.fc8 (2007-2982)
  • NASL family Misc.
    NASL id CUPS_SSL_NEGOTIATION_DOS.NASL
    description The version of CUPS installed on the remote host suffers from a design flaw involving SSL auto-detection. By establishing a connection to a port on which the application attempts to auto-detect SSL and sending a single character, an unauthenticated, remote attacker can leverage this flaw to cause subsequent connections to hang until the first connection is closed.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 24901
    published 2007-03-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24901
    title CUPS Incomplete SSL Negotiation Remote DoS
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CUPS-3716.NASL
    description The previous cups update (CVE-2007-0720) was incomplete and could lead to cupsd crashing.
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29411
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29411
    title SuSE 10 Security Update : cups (ZYPP Patch Number 3716)
oval via4
accepted 2013-04-29T04:11:03.502-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.
family unix
id oval:org.mitre.oval:def:11046
status accepted
submitted 2010-07-09T03:56:16-04:00
title s from being accepted.
version 24
redhat via4
advisories
bugzilla
id 232241
title CVE-2007-0720 Incomplete SSL negotiation prevents other clients from connecting to CUPS server
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhsa:tst:20060015001
    • OR
      • AND
        • comment cups is earlier than 1:1.1.17-13.3.42
          oval oval:com.redhat.rhsa:tst:20070123002
        • comment cups is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070123003
      • AND
        • comment cups-devel is earlier than 1:1.1.17-13.3.42
          oval oval:com.redhat.rhsa:tst:20070123006
        • comment cups-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070123007
      • AND
        • comment cups-libs is earlier than 1:1.1.17-13.3.42
          oval oval:com.redhat.rhsa:tst:20070123004
        • comment cups-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070123005
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    • OR
      • AND
        • comment cups is earlier than 1:1.1.22-0.rc1.9.18
          oval oval:com.redhat.rhsa:tst:20070123009
        • comment cups is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070123003
      • AND
        • comment cups-devel is earlier than 1:1.1.22-0.rc1.9.18
          oval oval:com.redhat.rhsa:tst:20070123010
        • comment cups-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070123007
      • AND
        • comment cups-libs is earlier than 1:1.1.22-0.rc1.9.18
          oval oval:com.redhat.rhsa:tst:20070123011
        • comment cups-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070123005
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment cups is earlier than 1:1.2.4-11.5.1.el5
          oval oval:com.redhat.rhsa:tst:20070123013
        • comment cups is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070123014
      • AND
        • comment cups-devel is earlier than 1:1.2.4-11.5.1.el5
          oval oval:com.redhat.rhsa:tst:20070123019
        • comment cups-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070123020
      • AND
        • comment cups-libs is earlier than 1:1.2.4-11.5.1.el5
          oval oval:com.redhat.rhsa:tst:20070123017
        • comment cups-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070123018
      • AND
        • comment cups-lpd is earlier than 1:1.2.4-11.5.1.el5
          oval oval:com.redhat.rhsa:tst:20070123015
        • comment cups-lpd is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070123016
rhsa
id RHSA-2007:0123
released 2007-04-16
severity Moderate
title RHSA-2007:0123: cups security update (Moderate)
rpms
  • cups-1:1.1.17-13.3.42
  • cups-devel-1:1.1.17-13.3.42
  • cups-libs-1:1.1.17-13.3.42
  • cups-1:1.1.22-0.rc1.9.18
  • cups-devel-1:1.1.22-0.rc1.9.18
  • cups-libs-1:1.1.22-0.rc1.9.18
  • cups-1:1.2.4-11.5.1.el5
  • cups-devel-1:1.2.4-11.5.1.el5
  • cups-libs-1:1.2.4-11.5.1.el5
  • cups-lpd-1:1.2.4-11.5.1.el5
refmap via4
apple APPLE-SA-2007-03-13
bid
  • 22948
  • 23127
bugtraq 20070325 FLEA-2007-0003-1: cups
cert TA07-072A
confirm
fedora FEDORA-2007-1219
gentoo GLSA-200703-28
mandriva MDKSA-2007:086
misc https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232243
sectrack 1017750
secunia
  • 24479
  • 24517
  • 24530
  • 24660
  • 24878
  • 24895
  • 25119
  • 25497
  • 26083
  • 26413
suse
  • SUSE-SR:2007:009
  • SUSE-SR:2007:014
vupen
  • ADV-2007-0930
  • ADV-2007-0949
Last major update 13-07-2011 - 00:00
Published 13-03-2007 - 17:19
Last modified 16-10-2018 - 12:33
Back to Top