11 matches found
Mandriva Linux Security Advisory : cups (MDVSA-2010:073-1)
Multiple vulnerabilities has been found and corrected in cups : CUPS in does not properly handle 1 HTTP headers and 2 HTML templates, which allows remote attackers to conduct cross-site scripting XSS attacks and HTTP response splitting attacks via vectors related to a the product's web interface,...
openSUSE Security Update : cups (cups-2102)
lppasswd when running setuid or setgid still honors environment variables that specify the location of message files. Local attackers could exploit that to gather information by using crafted format strings CVE-2010-0393. The previous fix for a use-after-free vulnerability CVE-2009-3553 was...
openSUSE Security Update : cups (cups-2102)
lppasswd when running setuid or setgid still honors environment variables that specify the location of message files. Local attackers could exploit that to gather information by using crafted format strings CVE-2010-0393. The previous fix for a use-after-free vulnerability CVE-2009-3553 was...
CUPS < 1.4.3 Security Bypass Vulnerability
Common UNIX Printing System CUPS is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2010-0393
The cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...
CVE-2010-0393
CVE-2010-0393 affects CUPS: the cupsGetlang function in lppasswd historically uses an environment variable to select the localization file, allowing local privilege escalation via crafted localization data with format string specifiers in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1. The vulnerability’s r...
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : cups, cupsys vulnerabilities (USN-906-1)
It was discovered that the CUPS scheduler did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. CVE-2009-3553, CVE-2010-0302...
[SECURITY] [DSA 2007-1] New cups packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2007-1 [email protected] http://www.debian.org/security/ Nico Golde March 3rd, 2010 http://www.debian.org/security/faq -...
USN-906-1: CUPS vulnerabilities
It was discovered that the CUPS scheduler did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. CVE-2009-3553, CVE-2010-0302...
Mandriva Update for mandriva-doc MDVA-2010:072 (mandriva-doc)
Check for the Version of mandriva-doc OpenVAS Vulnerability Test Mandriva Update for mandriva-doc MDVA-2010:072 mandriva-doc Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Mandriva Update for dhcp MDVA-2010:073 (dhcp)
Check for the Version of dhcp OpenVAS Vulnerability Test Mandriva Update for dhcp MDVA-2010:073 dhcp Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...