CVE-2004-1268

2005-01-1005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cups

lppasswd

write errors

file corruption

local users

security vulnerability

6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.

CPENameOperatorVersion
easy_software_products:cupseasy software products cupseq1.1.19_rc5
easy_software_products:cupseasy software products cupseq1.1.10
easy_software_products:cupseasy software products cupseq1.1.16
easy_software_products:cupseasy software products cupseq1.1.7
easy_software_products:cupseasy software products cupseq1.0.4_8
easy_software_products:cupseasy software products cupseq1.1.15
easy_software_products:cupseasy software products cupseq1.1.21
easy_software_products:cupseasy software products cupseq1.1.13
easy_software_products:cupseasy software products cupseq1.1.17
easy_software_products:cupseasy software products cupseq1.1.4_3

CPE	Name	Operator	Version
easy_software_products:cups	easy software products cups	eq	1.1.19_rc5
easy_software_products:cups	easy software products cups	eq	1.1.10
easy_software_products:cups	easy software products cups	eq	1.1.16
easy_software_products:cups	easy software products cups	eq	1.1.7
easy_software_products:cups	easy software products cups	eq	1.0.4_8
easy_software_products:cups	easy software products cups	eq	1.1.15
easy_software_products:cups	easy software products cups	eq	1.1.21
easy_software_products:cups	easy software products cups	eq	1.1.13
easy_software_products:cups	easy software products cups	eq	1.1.17
easy_software_products:cups	easy software products cups	eq	1.1.4_3