163 matches found
CVE-2024-35235 Cupsd Listen arbitrary chmod 0140777
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the...
CVE-2024-35235
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the...
[SECURITY] Fedora 38 Update: libppd-2.0~rc2-4.fc38
Libppd provides all PPD related function/API which is going to be removed from CUPS 3.X, but are still required for retro-fitting support of legacy printers. The library is meant only for retro-fitting printer applications, any new printer drivers have to be written as native printer application...
AZL-37100 CVE-2023-4504 affecting package cups for versions less than 2.4.10-1
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
AZL-37075 CVE-2023-4504 affecting package cups for versions less than 2.3.3op2-7
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
CVE-2023-4504
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
DEBIAN-CVE-2023-4504
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
CVE-2023-4504
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
CVE-2023-4504
A vulnerability was found in OpenPrinting CUPS. The security flaw occurs due to failure in validating the length provided by an attacker-crafted CUPS document, possibly leading to a heap-based buffer overflow and code execution. Mitigation For a successful attack, the victim had to install a PPD...
SUSE CVE-2017-15400
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue...
ppd-bg.com Cross Site Scripting vulnerability OBB-2878398
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ppd-bg.com Cross Site Scripting vulnerability OBB-2618274
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2021-1573)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : cups (CESA-2020:4469)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4469 advisory. - cups: heap based buffer overflow in libcups's ppdFindOption in ppd-mark.c CVE-2020-3898 Note that Nessus has not tested for this issue but has instead relied...
EulerOS Virtualization 3.0.6.6 : cups (EulerOS-SA-2020-2464)
According to the version of the cups packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - heap based buffer overflow in libcups's ppdFindOption in ppd-mark.cCVE-2020-3898 Note that Tenable Network Security has extracted the...
Denial Of Service (DoS)
cups is vulnerable to denial of service DoS. The vulnerability exists through heap based buffer overflow in libcups's ppdFindOption in ppd-mark.c...
cups: heap based buffer overflow in libcups's ppdFindOption() in ppd-mark.c
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges...
RHEL 8 : cups (RHSA-2020:4469)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4469 advisory. The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: heap...
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2020-2241)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4340-1: CUPS vulnerabilities
It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10...