Lucene search
CanonicalCVELIST:CVE-2008-5184HistoryNov 21, 2008 - 2:00 a.m.
CVE-2008-5184
2008-11-2102:00:00
canonical
www.cve.org
The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions.
Related
debiancve
debiancve
CVE-2008-5184
2008-11-21 02:30:00
CVE-2008-5183
2008-11-21 02:30:00
cve
cve
CVE-2008-5184
2008-11-21 02:30:00
CVE-2008-5183
2008-11-21 02:30:00
prion
prion
Cross site request forgery (csrf)
2008-11-21 02:30:00
Null pointer dereference
2008-11-21 02:30:00
nvd
nvd
CVE-2008-5184
2008-11-21 02:30:00
CVE-2008-5183
2008-11-21 02:30:00
ubuntucve
ubuntucve
CVE-2008-5184
2008-11-21 00:00:00
CVE-2008-5183
2008-11-21 00:00:00
nessus
nessus
openSUSE Security Update : cups (cups-322)
2009-07-21 00:00:00
openSUSE Security Update : cups (cups-356)
2009-07-21 00:00:00
Mandriva Linux Security Advisory : cups (MDVSA-2009:028)
2009-04-23 00:00:00
openvas
openvas
CUPS < 1.3.8 DoS Vulnerability
2008-11-26 00:00:00
FreeBSD Ports: cups-base
2008-12-03 00:00:00
FreeBSD Ports: cups-base
2008-12-03 00:00:00
cvelist
cvelist
CVE-2008-5183
2008-11-21 02:00:00
securityvulns
securityvulns
CUPS integer overflow
2008-12-03 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2009-01-12 00:00:00