CVE-2004-1268 — Software Products Cups vulnerability

8 documents8 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 71.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Cups Easy Software Products Cups Redhat Fedora Core

Timeline

PublishedJan 10

Latest updateApr 29

Description

lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶Debianapple/cups< 1.1.22-2+3

▶NVDeasy_software_products/cups22 versions+21

▶NVDredhat/fedora_corecore_2.0, core_3.0+1

🔴Vulnerability Details

GHSA

GHSA-7rhq-w6x9-x4gf: lppasswd in CUPS 1↗2022-04-29

▶

OSV

CVE-2004-1268: lppasswd in CUPS 1↗2005-01-10

▶

CVEList

CVE-2004-1268: lppasswd in CUPS 1↗2004-12-22

▶

📋Vendor Advisories

Ubuntu

CUPS vulnerabilities↗2004-12-23

▶

Red Hat

security flaw↗2004-12-15

▶

Debian

CVE-2004-1268: cups - lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file...↗2004

▶

💬Community

Bugzilla

CVE-2004-1268 security flaw↗2018-08-16

▶