Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.41 views

openSUSE Security Update : cups (cups-322)

local users could crash cups by adding a large number of RSS subscriptions CVE-2008-5183, CVE-2008-5184. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update cups-322. The text description of this...

10CVSS7.4AI score0.0921EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.39 views

openSUSE Security Update : cups (cups-356)

Previous updates for the PNG and HPGL filters were incomplete and are corrected now. Also cups used a guest user account for RSS subscriptions which made it eeasier for attackers to conduct CSRF attacks. CVE-2008-3641, CVE-2008-5184, CVE-2008-5286 %NASLMINLEVEL 70300 C Tenable Network Security,...

10CVSS6.6AI score0.24132EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2009/06/05 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-707-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.0921EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2009/06/05 12:0 a.m.48 views

Ubuntu USN-707-1 (cupsys)

The remote host is missing an update to cupsys announced via advisory USN-707-1. OpenVAS Vulnerability Test $Id: ubuntu7071.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7071.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-707-1 cupsys Authors: Thomas Rein...

10CVSS8.8AI score0.3857EPSS
Exploits49References1
RedHat Linux
RedHat Linux
added 2008/12/15 1:25 p.m.5 views

cups: DoS (daemon crash) caused by the large number of subscriptions

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service daemon crash by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

10CVSS7.2AI score0.0921EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2008/12/03 12:0 a.m.22 views

FreeBSD Ports: cups-base

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS7.5AI score0.04403EPSS
Exploits2References3
NVD
NVD
added 2008/11/21 2:30 a.m.30 views

CVE-2008-5184

The web interface cgi-bin/admin.c in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the 1 add and 2 cancel RSS subscription functions...

10CVSS7.4AI score0.03669EPSS
Exploits1References5
Prion
Prion
added 2008/11/21 2:30 a.m.28 views

Null pointer dereference

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service daemon crash by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

4.3CVSS6.3AI score0.0921EPSS
Exploits2References21Affected Software5
NVD
NVD
added 2008/11/21 2:30 a.m.18 views

CVE-2008-5183

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service daemon crash by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

7.5CVSS7.2AI score0.0921EPSS
Exploits1References21
CVE
CVE
added 2008/11/21 2:0 a.m.152 views

CVE-2008-5183

The CVE-2008-5183 issue affects CUPS

7.5CVSS7.3AI score0.0921EPSS
Exploits1References21Affected Software1
Cvelist
Cvelist
added 2008/11/21 2:0 a.m.30 views

CVE-2008-5183

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service daemon crash by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

7.3AI score0.0921EPSS
Exploits1References21
CVE
CVE
added 2008/11/21 2:0 a.m.653 views

CVE-2008-5184

CVE-2008-5184 affects CUPS prior to 1.3.8, where the web interface (cgi-bin/admin.c) uses a guest user when no user is logged in, enabling CSRF attacks on RSS subscription management (add and cancel) by remote attackers. Multiple connected advisories note the issue as part of broader CUPS updates...

10CVSS7.4AI score0.03669EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2008/11/21 2:0 a.m.25 views

CVE-2008-5183

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service daemon crash by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

7.5CVSS6AI score0.0921EPSS
Exploits1
Rows per page
Query Builder