VYPR

Cups

by Easy Software Products

Source repositories

CVEs (39)

  • CVE-2004-0923Jan 27, 2005
    risk 0.00cvss epss 0.00

    CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.

  • CVE-2004-0889Jan 27, 2005
    risk 0.00cvss epss 0.06

    Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.

  • CVE-2004-0926Jan 27, 2005
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.

  • CVE-2004-0927Jan 27, 2005
    risk 0.00cvss epss 0.01

    ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.

  • CVE-2004-1269Jan 10, 2005
    risk 0.00cvss epss 0.09

    lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.

  • CVE-2004-1268Jan 10, 2005
    risk 0.00cvss epss 0.00

    lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.

  • CVE-2004-1270Jan 10, 2005
    risk 0.00cvss epss 0.00

    lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user…

  • CVE-2003-0788Dec 1, 2003
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denial of service (CPU consumption from a "busy loop") via certain inputs to the IPP port (TCP 631).

  • CVE-2002-1384Jan 2, 2003
    risk 0.00cvss epss 0.01

    Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.

  • CVE-2002-1366Dec 26, 2002
    risk 0.00cvss epss 0.00

    Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream.

  • CVE-2002-1371Dec 26, 2002
    risk 0.00cvss epss 0.05

    filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.

  • CVE-2002-1367Dec 26, 2002
    risk 0.00cvss epss 0.04

    Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server…

  • CVE-2002-0063Mar 8, 2002
    risk 0.00cvss epss 0.04

    Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.

  • CVE-2001-1333May 10, 2001
    risk 0.00cvss epss 0.00

    Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files.

  • CVE-2001-1332May 10, 2001
    risk 0.00cvss epss 0.04

    Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.

  • CVE-2001-0194May 3, 2001
    risk 0.00cvss epss 0.04

    Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line.

  • CVE-2000-0513Jun 21, 2000
    risk 0.00cvss epss 0.02

    CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password.

  • CVE-2000-0511Jun 21, 2000
    risk 0.00cvss epss 0.02

    CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a CGI POST request.

  • CVE-2000-0512Jun 16, 2000
    risk 0.00cvss epss 0.02

    CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service.

Page 2 of 2