Bug 169933 - CUPS daemon crash from IPP/SSL bug when repeatedly requesting web interface (possible DoS)
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: cups
Version: 3.0
Hardware: i386 Linux
Priority: medium
Severity: high
Assigned To: Tim Waugh
Depends On: 163011
Blocks: 168424
Reported: 2005-10-05 08:54 EDT by Tim Waugh
Modified: 2007-11-30 17:07 EST

Fixed In Version: RHBA-2006-0034
Doc Type: Bug Fix
Last Closed: 2006-03-15 10:50:11 EST


Description Tim Waugh 2005-10-05 08:54:50 EDT
+++ This bug was initially created as a clone of Bug #163011 +++

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524
Fedora/1.0.4-4 Firefox/1.0.4

Description of problem:
If you configure CUPS to require SSL encrypted IPP connections it's possible to
crash the CUPS server daemon by quickly and repeatedly requesting pages from the
web interface.

Version-Release number of selected component (if applicable):
cups-1.1.22-0.rc1.9.6

How reproducible:
Always

Steps to Reproduce:
1. Configure CUPS to require SSL IPP connections.
2. Connect with a web browser to the web interface over the SSL port, eg:
https://cupsserver:631/printers/testprinter
3. Hit refresh in the browser quickly several times, the CUPS daemon will crash
after ~3 refreshes.
  

Actual Results:  CUPS daemon crashes with the following in /var/log/cups/error_log:
E [12/Jul/2005:09:07:34 +0100] CloseClient: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry
E [12/Jul/2005:09:07:34 +0100] CloseClient: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry


Expected Results:  Daemon shouldn't crash :)

Additional info:

-- Additional comment from twaugh@redhat.com on 2005-08-02 08:35 EST --
How precisely are you configuring CUPS to require SSL IPP connections?  Are you
putting "Encryption Required" in cupsd.conf?  Which section are you putting it in?

-- Additional comment from peter.harvey@newcastle.ac.uk on 2005-08-15 10:13 EST --
Config file snippet:


SSLPort 443
..

<Location /printers>
 Order Deny,Allow
 Allow From x.x.x.x/24
 AuthType Basic
 AuthClass User
 Encryption required
 Satisfy all
</Location>


-- Additional comment from twaugh@redhat.com on 2005-08-15 12:00 EST --
2. Connect with a web browser to the web interface over the SSL port, eg:
https://cupsserver:631/printers/testprinter

Can you clarify this please?  Do you mean
'https://cupsserver:443/printers/testprinter'?

-- Additional comment from twaugh@redhat.com on 2005-08-15 12:01 EST --
Proposing for RHEL4 U3.

-- Additional comment from peter.harvey@newcastle.ac.uk on 2005-08-16 06:07 EST --
Yep sorry, that should've been:

SSLPort 631

-- Additional comment from twaugh@redhat.com on 2005-10-05 08:49 EST --
Confirmed.

Comment 2 Tim Waugh 2005-10-05 09:28:05 EDT
Reported upstream as: http://www.cups.org/str.php?L1290

Comment 9 Red Hat Bugzilla 2006-03-15 10:50:11 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2006-0034.html
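
To check whether a host has hit the error_log signature quoted in the description, the following scans error_log lines for it and groups repeated hits into bursts. This is an added example, not code from this report or from CUPS; the function names, the threshold and window defaults, and every sample line other than the two signature lines quoted in the report are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# error_log line layout as shown in the report: level letter, [timestamp], message.
LINE_RE = re.compile(r"^(?P<level>[A-Za-z]) \[(?P<ts>[^\]]+)\] (?P<msg>.*)$")
# Signature copied from the error_log excerpt in the bug description.
SIGNATURE = "CloseClient: error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry"

def parse_line(line):
    """Return (level, timestamp, message), or None if the line does not parse."""
    m = LINE_RE.match(line.rstrip("\n"))
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return m.group("level"), ts, m.group("msg")

def find_bursts(lines, threshold=2, window_seconds=10):
    """Group signature hits whose gaps are <= window_seconds.

    Returns [(first_ts, last_ts, count)] for groups with count >= threshold.
    threshold and window_seconds are illustrative defaults, not CUPS settings.
    """
    window = timedelta(seconds=window_seconds)
    bursts, current = [], []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None or parsed[0] != "E" or SIGNATURE not in parsed[2]:
            continue
        ts = parsed[1]
        if current and ts - current[-1] > window:
            if len(current) >= threshold:
                bursts.append((current[0], current[-1], len(current)))
            current = []
        current.append(ts)
    if len(current) >= threshold:
        bursts.append((current[0], current[-1], len(current)))
    return bursts

# Constructed sample: the two signature lines from the report plus made-up filler.
SAMPLE_LOG = [
    "I [12/Jul/2005:09:07:30 +0100] constructed informational line",
    "E [12/Jul/2005:09:07:34 +0100] " + SIGNATURE,
    "E [12/Jul/2005:09:07:34 +0100] " + SIGNATURE,
    "this line is not in error_log format",
    "E [12/Jul/2005:11:30:00 +0100] " + SIGNATURE,
]

if __name__ == "__main__":
    for first, last, count in find_bursts(SAMPLE_LOG):
        print(f"{count} hits between {first.isoformat()} and {last.isoformat()}")
```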
