Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-5184HistoryNov 21, 2008 - 2:30 a.m.
CVE-2008-5184
2008-11-2102:30:00
Debian Security Bug Tracker
security-tracker.debian.org
14
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.5%
The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.3.8-1 | cups_1.3.8-1_all.deb |
| Debian | 11 | all | cups | < 1.3.8-1 | cups_1.3.8-1_all.deb |
| Debian | 10 | all | cups | < 1.3.8-1 | cups_1.3.8-1_all.deb |
| Debian | 999 | all | cups | < 1.3.8-1 | cups_1.3.8-1_all.deb |
| Debian | 13 | all | cups | < 1.3.8-1 | cups_1.3.8-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2008-5184
2008-11-21 00:00:00
CVE-2008-5183
2008-11-21 00:00:00
prion
prion
Cross site request forgery (csrf)
2008-11-21 02:30:00
Null pointer dereference
2008-11-21 02:30:00
cve
cve
CVE-2008-5184
2008-11-21 02:30:00
CVE-2008-5183
2008-11-21 02:30:00
nessus
nessus
openSUSE Security Update : cups (cups-322)
2009-07-21 00:00:00
openSUSE Security Update : cups (cups-356)
2009-07-21 00:00:00
Mandriva Linux Security Advisory : cups (MDVSA-2009:028)
2009-04-23 00:00:00
openvas
openvas
CUPS < 1.3.8 DoS Vulnerability
2008-11-26 00:00:00
FreeBSD Ports: cups-base
2008-12-03 00:00:00
FreeBSD Ports: cups-base
2008-12-03 00:00:00
debiancve
debiancve
CVE-2008-5183
2008-11-21 02:30:00
securityvulns
securityvulns
CUPS integer overflow
2008-12-03 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2009-01-12 00:00:00
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.5%
Related for DEBIANCVE:CVE-2008-5184