CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
94.2%
CentOS Errata and Security Advisory CESA-2010:0129
The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.
It was discovered that the Red Hat Security Advisory RHSA-2009:1595 did not
fully correct the use-after-free flaw in the way CUPS handled references in
its file descriptors-handling interface. A remote attacker could send
specially-crafted queries to the CUPS server, causing it to crash.
(CVE-2010-0302)
Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, the cupsd daemon will be restarted automatically.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-March/078708.html
https://lists.centos.org/pipermail/centos-announce/2010-March/078709.html
Affected packages:
cups
cups-devel
cups-libs
cups-lpd
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0129
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | x86_64 | cups | < 1.3.7-11.el5_4.6 | cups-1.3.7-11.el5_4.6.x86_64.rpm |
CentOS | 5 | i386 | cups-devel | < 1.3.7-11.el5_4.6 | cups-devel-1.3.7-11.el5_4.6.i386.rpm |
CentOS | 5 | x86_64 | cups-devel | < 1.3.7-11.el5_4.6 | cups-devel-1.3.7-11.el5_4.6.x86_64.rpm |
CentOS | 5 | i386 | cups-libs | < 1.3.7-11.el5_4.6 | cups-libs-1.3.7-11.el5_4.6.i386.rpm |
CentOS | 5 | x86_64 | cups-libs | < 1.3.7-11.el5_4.6 | cups-libs-1.3.7-11.el5_4.6.x86_64.rpm |
CentOS | 5 | x86_64 | cups-lpd | < 1.3.7-11.el5_4.6 | cups-lpd-1.3.7-11.el5_4.6.x86_64.rpm |
CentOS | 5 | x86_64 | cups | < 1.3.7-11.el5_4.6 | cups-1.3.7-11.el5_4.6.x86_64.rpm |
CentOS | 5 | i386 | cups-devel | < 1.3.7-11.el5_4.6 | cups-devel-1.3.7-11.el5_4.6.i386.rpm |
CentOS | 5 | x86_64 | cups-devel | < 1.3.7-11.el5_4.6 | cups-devel-1.3.7-11.el5_4.6.x86_64.rpm |
CentOS | 5 | i386 | cups-libs | < 1.3.7-11.el5_4.6 | cups-libs-1.3.7-11.el5_4.6.i386.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
94.2%