VYPR

Cups

by Openprinting

Source repositories

CVEs (96)

  • CVE-2007-0720Mar 13, 2007
    risk 0.00cvss epss 0.05

    The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.

  • CVE-2005-4873Dec 31, 2005
    risk 0.00cvss epss 0.02

    Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23rc1 might allow context-dependent attackers to execute arbitrary code via vectors that result in long function parameters, as demonstrated by the cups_get_dest_options function in phpcups.c.

  • CVE-2005-3624Dec 31, 2005
    risk 0.00cvss epss 0.02

    The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer…

  • CVE-2005-2874Sep 13, 2005
    risk 0.00cvss epss 0.03

    The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.

  • CVE-2004-0923Jan 27, 2005
    risk 0.00cvss epss 0.00

    CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.

  • CVE-2004-1269Jan 10, 2005
    risk 0.00cvss epss 0.09

    lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.

  • CVE-2004-1268Jan 10, 2005
    risk 0.00cvss epss 0.00

    lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.

  • CVE-2003-0788Dec 1, 2003
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denial of service (CPU consumption from a "busy loop") via certain inputs to the IPP port (TCP 631).

  • CVE-2002-1384Jan 2, 2003
    risk 0.00cvss epss 0.01

    Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.

  • CVE-2002-1371Dec 26, 2002
    risk 0.00cvss epss 0.05

    filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.

  • CVE-2002-1367Dec 26, 2002
    risk 0.00cvss epss 0.04

    Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server…

  • CVE-2002-1366Dec 26, 2002
    risk 0.00cvss epss 0.00

    Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream.

  • CVE-2002-0063Mar 8, 2002
    risk 0.00cvss epss 0.04

    Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.

  • CVE-2001-1332May 10, 2001
    risk 0.00cvss epss 0.04

    Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.

  • CVE-2001-0194May 3, 2001
    risk 0.00cvss epss 0.04

    Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line.

  • CVE-2000-0510Jun 21, 2000
    risk 0.00cvss epss 0.02

    CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request.

Page 5 of 5