Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0558 — Software Products Cups vulnerability

8 documents8 sources

Severity

5.0MEDIUMNVD

EPSS

8.8%

top 7.47%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apple Cups Easy Software Products Cups

Timeline

PublishedSep 28

Latest updateApr 29

Description

The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debianapple/cups< 1.1.20final+rc1-6+3

▶NVDeasy_software_products/cups1.1.21

Patches

Patch: www.debian.org ↗Patch: www.redhat.com ↗Patch: bugzilla.fedora.us ↗

🔴Vulnerability Details

GHSA

GHSA-39hx-hjhc-q6p6: The Internet Printing Protocol (IPP) implementation in CUPS before 1↗2022-04-29

▶

OSV

CVE-2004-0558: The Internet Printing Protocol (IPP) implementation in CUPS before 1↗2004-09-28

▶

CVEList

CVE-2004-0558: The Internet Printing Protocol (IPP) implementation in CUPS before 1↗2004-09-17

▶

💥Exploits & PoCs

Exploit-DB

CUPS 1.1.x - UDP Packet Remote Denial of Service↗2004-09-15

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-08-21

▶

Debian

CVE-2004-0558: cups - The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows...↗2004

▶

💬Community

Bugzilla

CVE-2004-0558 security flaw↗2018-08-16

▶