Debian Cups vulnerabilities

CVE-2004-1270 [LOW] CVE-2004-1270: cups - lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file d... lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. Scope: local bookworm: resolved (fixed in 1.1.22-2) bullse

CVE-2004-1268 [LOW] CVE-2004-1268: cups - lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file... lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors. Scope: local bookworm: resolved (fixed in 1.1.22-2) bullseye: resolved (fixed in 1.1.22-2) forky: resolved (fixed in 1.1.22-2) sid: resolved (fixed in 1.1.22-2) trixie: resolve

CVE-2003-0788 [MEDIUM] CVE-2003-0788: cups - Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in ... Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denial of service (CPU consumption from a "busy loop") via certain inputs to the IPP port (TCP 631). Scope: local bookworm: resolved (fixed in 1.1.19) bullseye: resolved (fixed in 1.1.19) forky: resolved (fixed in 1.1.19) sid: resolved (

CVE-2003-0195 [MEDIUM] CVE-2003-0195: cups - CUPS before 1.1.19 allows remote attackers to cause a denial of service via a pa... CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out. Scope: local bookworm: resolved (fixed in 1.1.19final-1) bullseye: resolved (fixed in 1.1.19final-1) forky: resolved (fixed in 1.1.19final-1) sid: resolved (fixed in 1.1.19final-1) trixie: resolved (fixed in 1.1.19final-

CVE-2002-1369 [CRITICAL] CVE-2002-1369: cups - jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not prop... jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. Scope: local bookworm: resolved (fixed in 1.1.18-1) bullseye: resolved (fixed in 1.1.18-1) forky: resolved (fixed in 1.1.18-1) sid:

CVE-2002-1367 [CRITICAL] CVE-2002-1367: cups - Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers... Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke. Scope: local bookworm: resolv

CVE-2002-1383 [CRITICAL] CVE-2002-1383: cups - Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through ... Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun. Scope: local bookworm: resolved (fixed in 1.1.18-1) bullseye: resolved (fixed in 1.1.18-1)

CVE-2002-1371 [HIGH] CVE-2002-1371: cups - filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 ... filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. Scope: local bookworm: resolved (fixed in 1.1.18-1) bullseye: resolved (fixed in 1.1.18-1) forky: resolved (fixed in 1.1.18-1) sid:

CVE-2002-1368 [HIGH] CVE-2002-1368: cups - Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers... Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. Scope: local bookworm: resolved (fixed in 1

CVE-2002-1372 [HIGH] CVE-2002-1372: cups - Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check... Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. Scope: local bookworm: resolved (fixed in 1.1.18-1) bullseye:

CVE-2002-1384 [HIGH] CVE-2002-1384: cups - Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS ... Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. Scope: local bookworm: resolved (fixed in 1.1.18-1) bullseye: resolved (fixed in 1.1.18-1) forky: resolved (fixed in 1.1.18-1) sid: resolved (fixed

CVE-2002-1366 [MEDIUM] CVE-2002-1366: cups - Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with... Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream. Scope: local bookworm: resolved (fixed in 1.1.18-1) bullseye: resolved (fixed in 1.1.18-1) forky: resolved (fixed in 1.1.18-1) sid: resolved (fixed in 1.1.18-1) trixie: resolved (fi

CVE-2001-1508 [MEDIUM] CVE-2001-1508: cups - Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local user... Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved