Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2010/04/15 12:0 a.m.29 views

Mandriva Linux Security Advisory : cups (MDVSA-2010:073-1)

Multiple vulnerabilities has been found and corrected in cups : CUPS in does not properly handle 1 HTTP headers and 2 HTML templates, which allows remote attackers to conduct cross-site scripting XSS attacks and HTTP response splitting attacks via vectors related to a the product's web interface,...

7.5CVSS6.3AI score0.0578EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2010/03/19 12:0 a.m.53 views

openSUSE Security Update : cups (cups-2102)

lppasswd when running setuid or setgid still honors environment variables that specify the location of message files. Local attackers could exploit that to gather information by using crafted format strings CVE-2010-0393. The previous fix for a use-after-free vulnerability CVE-2009-3553 was...

7.5CVSS6.3AI score0.03913EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2010/03/19 12:0 a.m.33 views

openSUSE Security Update : cups (cups-2102)

lppasswd when running setuid or setgid still honors environment variables that specify the location of message files. Local attackers could exploit that to gather information by using crafted format strings CVE-2010-0393. The previous fix for a use-after-free vulnerability CVE-2009-3553 was...

7.5CVSS6.3AI score0.03913EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2010/03/10 12:0 a.m.36 views

CUPS < 1.4.3 Security Bypass Vulnerability

Common UNIX Printing System CUPS is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.9CVSS8.6AI score0.0032EPSS
Exploits0References5
NVD
NVD
added 2010/03/05 7:30 p.m.18 views

CVE-2010-0393

The cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...

6.9CVSS7.8AI score0.0032EPSS
Exploits0References9
CVE
CVE
added 2010/03/05 7:0 p.m.84 views

CVE-2010-0393

CVE-2010-0393 affects CUPS: the cupsGetlang function in lppasswd historically uses an environment variable to select the localization file, allowing local privilege escalation via crafted localization data with format string specifiers in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1. The vulnerability’s r...

6.9CVSS7.3AI score0.0032EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/03/04 12:0 a.m.42 views

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : cups, cupsys vulnerabilities (USN-906-1)

It was discovered that the CUPS scheduler did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. CVE-2009-3553, CVE-2010-0302...

7.5CVSS6.6AI score0.03913EPSS
Exploits1References4
securityvulns
securityvulns
added 2010/03/04 12:0 a.m.62 views

[SECURITY] [DSA 2007-1] New cups packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2007-1 [email protected] http://www.debian.org/security/ Nico Golde March 3rd, 2010 http://www.debian.org/security/faq -...

6.9CVSS0.2AI score0.0032EPSS
Exploits0
Ubuntu
Ubuntu
added 2010/03/03 8:7 p.m.57 views

USN-906-1: CUPS vulnerabilities

It was discovered that the CUPS scheduler did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. CVE-2009-3553, CVE-2010-0302...

7.5CVSS6.7AI score0.03913EPSS
Exploits1
OpenVAS
OpenVAS
added 2010/02/19 12:0 a.m.35 views

Mandriva Update for mandriva-doc MDVA-2010:072 (mandriva-doc)

Check for the Version of mandriva-doc OpenVAS Vulnerability Test Mandriva Update for mandriva-doc MDVA-2010:072 mandriva-doc Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

6.9CVSS7.8AI score0.0578EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2010/02/19 12:0 a.m.32 views

Mandriva Update for dhcp MDVA-2010:073 (dhcp)

Check for the Version of dhcp OpenVAS Vulnerability Test Mandriva Update for dhcp MDVA-2010:073 dhcp Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

6.9CVSS5.7AI score0.0578EPSS
Exploits6References2
Rows per page
Query Builder