Lucene search
+L

203 matches found

RedHat Linux
RedHat Linux
added 2024/10/02 6:32 p.m.7 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00853EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/10/02 6:21 p.m.3 views

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

9.8CVSS5.9AI score0.62474EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2024/10/02 6:21 p.m.5 views

cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes

A flaw was found in OpenPrinting CUPS. In certain conditions, a remote attacker can add a malicious printer or directly hijack an existing printer by replacing the valid IPP URL with a malicious one. Also, it is possible that due to a lack of validation of IPP attributes returned by the server,...

8.6CVSS5.8AI score0.76959EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2024/10/02 12:0 p.m.5 views

cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes

A flaw was found in OpenPrinting CUPS. In certain conditions, a remote attacker can add a malicious printer or directly hijack an existing printer by replacing the valid IPP URL with a malicious one. Also, it is possible that due to a lack of validation of IPP attributes returned by the server,...

8.6CVSS5.8AI score0.76959EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2024/10/02 11:38 a.m.6 views

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

9.8CVSS5.9AI score0.62474EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2024/10/02 11:35 a.m.5 views

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

9.8CVSS5.9AI score0.62474EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2024/10/01 6:38 p.m.6 views

cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes

A flaw was found in OpenPrinting CUPS. In certain conditions, a remote attacker can add a malicious printer or directly hijack an existing printer by replacing the valid IPP URL with a malicious one. Also, it is possible that due to a lack of validation of IPP attributes returned by the server,...

8.6CVSS5.8AI score0.76959EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2024/10/01 6:38 p.m.9 views

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

9.8CVSS5.9AI score0.62474EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2024/10/01 6:35 p.m.17 views

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

9.8CVSS5.9AI score0.62474EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2024/10/01 6:35 p.m.5 views

cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes

A flaw was found in OpenPrinting CUPS. In certain conditions, a remote attacker can add a malicious printer or directly hijack an existing printer by replacing the valid IPP URL with a malicious one. Also, it is possible that due to a lack of validation of IPP attributes returned by the server,...

8.6CVSS5.8AI score0.76959EPSS
Exploits5References7
RedHat Linux
RedHat Linux
added 2024/10/01 6:26 p.m.6 views

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

9.8CVSS5.9AI score0.62474EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2024/10/01 6:26 p.m.8 views

cups-filters: libcupsfilters: `cfGetPrinterAttributes` API does not perform sanitization on returned IPP attributes

A flaw was found in OpenPrinting CUPS. In certain conditions, a remote attacker can add a malicious printer or directly hijack an existing printer by replacing the valid IPP URL with a malicious one. Also, it is possible that due to a lack of validation of IPP attributes returned by the server,...

8.6CVSS5.8AI score0.76959EPSS
Exploits5References7
OSV
OSV
added 2024/10/01 11:15 a.m.6 views

USN-7041-2 cups vulnerability

USN-7041-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate P...

9.8CVSS7.3AI score0.62474EPSS
Exploits6References2
RedHat Linux
RedHat Linux
added 2024/09/27 8:20 p.m.5 views

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

9.8CVSS5.9AI score0.62474EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2024/09/27 8:20 p.m.4 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5CVSS5.8AI score0.00853EPSS
Exploits0References7
OSV
OSV
added 2024/09/26 10:15 p.m.2 views

DEBIAN-CVE-2024-47076

CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data format conversion tasks needed in Printer Applications. The cfGetPrinterAttributes5 function in libcupsfilter...

8.6CVSS8.2AI score0.76959EPSS
Exploits5References1
OSV
OSV
added 2024/09/26 10:15 p.m.1 views

DEBIAN-CVE-2024-47175

CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...

9.8CVSS8.1AI score0.62474EPSS
Exploits6References1
OSV
OSV
added 2024/09/26 8:40 p.m.5 views

USN-7045-1 libppd vulnerability

Simone Margaritelli discovered that libppd incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

9.8CVSS7.3AI score0.62474EPSS
Exploits6References2
OSV
OSV
added 2024/09/26 8:35 p.m.7 views

USN-7044-1 libcupsfilters vulnerability

Simone Margaritelli discovered that libcupsfilters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

8.6CVSS7.6AI score0.76959EPSS
Exploits5References2
OSV
OSV
added 2024/09/26 8:12 p.m.16 views

USN-7041-1 cups vulnerability

Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

9.8CVSS7.3AI score0.62474EPSS
Exploits6References2
Rows per page
Query Builder