Lucene search
+L

124 matches found

OpenVAS
OpenVAS
added 2014/11/04 12:0 a.m.28 views

RedHat Update for cups-filters RHSA-2014:1795-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.03007EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/11/03 6:29 p.m.5 views

cups-filters: cups-browsed DoS via process_browse_data() OOB read

An out-of-bounds read flaw was found in the way the processbrowsedata function of cups-browsed handled certain browse packets. A remote attacker could send a specially crafted browse packet that, when processed by cups-browsed, would crash the cups-browsed daemon...

4.3CVSS5.8AI score0.02943EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/11/03 6:29 p.m.65 views

Moderate: Red Hat Security Advisory: cups-filters security update

Updated cups-filters packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

4.3CVSS7.1AI score0.03007EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2014/11/03 6:29 p.m.4 views

cups-filters: unsupported BrowseAllow value lets cups-browsed accept from all hosts

A flaw was found in the way the cups-browsed daemon interpreted the "BrowseAllow" directive in the cups-browsed.conf file. An attacker able to add a malformed "BrowseAllow" directive to the cups-browsed.conf file could use this flaw to bypass intended access restrictions...

4CVSS5.7AI score0.03007EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2014/11/03 12:0 a.m.45 views

cups-filters security update

1.0.35-15:.1 - Applied upstream patch to fix BrowseAllow parsing issue CVE-2014-4338, bug 1091568. - Applied upstream patch for cups-browsed DoS via processbrowsedata out-of-bounds read CVE-2014-4337, bug 1111510...

4.3CVSS3.7AI score0.03007EPSS
Exploits0
NVD
NVD
added 2014/06/22 9:55 p.m.26 views

CVE-2014-4336

The generatelocalqueue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707...

5.8CVSS7.3AI score0.01063EPSS
Exploits0References3
OSV
OSV
added 2014/06/22 9:55 p.m.6 views

CVE-2014-4338

cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses...

6.4AI score
Exploits0References8
OSV
OSV
added 2014/06/22 9:55 p.m.3 views

DEBIAN-CVE-2014-4337

The processbrowsedata function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service out-of-bounds read and application crash via crafted packet data...

4.3CVSS7.2AI score0.02943EPSS
Exploits0References1
OSV
OSV
added 2014/06/22 9:55 p.m.2 views

DEBIAN-CVE-2014-4338

cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses...

4CVSS7.4AI score0.03007EPSS
Exploits0References1
OSV
OSV
added 2014/06/22 9:55 p.m.4 views

DEBIAN-CVE-2014-4336

The generatelocalqueue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707...

5.8CVSS7.9AI score0.01063EPSS
Exploits0References1
Prion
Prion
added 2014/06/22 9:55 p.m.26 views

Design/Logic Flaw

cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses...

4CVSS7AI score0.03007EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2014/06/22 9:55 p.m.31 views

CVE-2014-4336

The generatelocalqueue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707...

5.8CVSS7.1AI score0.01063EPSS
Exploits0References3
OSV
OSV
added 2014/06/22 9:55 p.m.1 views

UBUNTU-CVE-2014-4337

The processbrowsedata function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service out-of-bounds read and application crash via crafted packet data...

4.3CVSS7.1AI score0.02943EPSS
Exploits0References3
OSV
OSV
added 2014/06/22 9:55 p.m.6 views

UBUNTU-CVE-2014-4336

The generatelocalqueue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707...

5.8CVSS7.4AI score0.01063EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2014/06/22 9:0 p.m.24 views

CVE-2014-4337

The processbrowsedata function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service out-of-bounds read and application crash via crafted packet data...

4.3CVSS7AI score0.02943EPSS
Exploits0
Cvelist
Cvelist
added 2014/06/22 9:0 p.m.26 views

CVE-2014-4336

The generatelocalqueue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707...

7.2AI score0.01063EPSS
Exploits0References3
CVE
CVE
added 2014/06/22 9:0 p.m.62 views

CVE-2014-4336

CVE-2014-4336 affects cups-filters (cups-browsed) where the generate_local_queue function in utils/cups-browsed.c allowed remote IPP printers to trigger shell commands via metacharacters in the host name. The issue arises from an incomplete fix for CVE-2014-2707 and is present in cups-filters bef...

5.8CVSS7.5AI score0.01063EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/06/22 9:0 p.m.67 views

CVE-2014-4338

CVE-2014-4338 affects cups-filters (cups-browsed) prior to 1.0.53. A malformed BrowseAllow directive in cups-browsed.conf can be interpreted as granting browse access to all IP addresses, bypassing intended access restrictions in opportunistic circumstances. Public references indicate the issue i...

4CVSS6.4AI score0.03007EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2014/05/10 12:0 a.m.39 views

cups-filters code execution

cups-browsed shell characters vulnerabiilty...

8.3CVSS4.4AI score0.01174EPSS
Exploits1References1Affected Software1
Mageia
Mageia
added 2014/04/17 8:30 p.m.33 views

Updated cups-filters packages fix security vulnerability

Updated cups-filters packages fix security vulnerability: Sebastian Krahmer discovered it was possible to use malicious broadcast packets to execute arbitrary commands on a server running the cups- browsed daemon CVE-2014-2707. Note that only systems that have enabled the affected feature by usin...

8.3CVSS7.1AI score0.01174EPSS
Exploits1References2
Rows per page
Query Builder