4 matches found
SUSE CVE-2004-1270
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers...
FreeBSD Ports: cups-lpr, fr-cups-lpr
The remote host is missing an update to the system as announced in the referenced advisory. VID 7850a238-680a-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: cups-lpr, fr-cups-lpr
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2004-1270
CVE-2004-1270 affects CUPS up to 1.1.22. When lppasswd runs in environments where file descriptors 0, 1, 2 may not be open, it does not verify that passwd.new is different from STDERR, enabling a local attacker to influence output to passwd.new by triggering an error. Public references (Ubuntu US...