CVE-2004-1268

Sažetak

lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.

Reference

http://tigger.uic.edu/~jlongs2/holes/cups2.txt
http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:008
http://www.redhat.com/support/errata/RHSA-2005-013.html
http://www.redhat.com/support/errata/RHSA-2005-053.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/18606
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398
https://usn.ubuntu.com/50-1/

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

03-10-2018 - 21:29

Objavljeno

10-01-2005 - 05:00