Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1383

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-1383
Last Modified 10 Sep 2008 03:14:27
Published 26 Dec 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1383

Summary

Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.2

  • Apple Mac Os X 10.2.2

Application

  • Easy Software Products Cups 1.0.4

  • Easy Software Products Cups 1.0.4 8

  • Easy Software Products Cups 1.1.1

  • Easy Software Products Cups 1.1.10

  • Easy Software Products Cups 1.1.13

  • Easy Software Products Cups 1.1.14

  • Easy Software Products Cups 1.1.17

  • Easy Software Products Cups 1.1.4

  • Easy Software Products Cups 1.1.4 2

  • Easy Software Products Cups 1.1.4 3

  • Easy Software Products Cups 1.1.4 5

  • Easy Software Products Cups 1.1.6

  • Easy Software Products Cups 1.1.7


References

REDHAT - RHSA-2002:295

MISC - http://www.idefense.com/advisory/12.19.02.txt

BUGTRAQ - 20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)

SUSE - SuSE-SA:2003:002

SECUNIA - 9325

SECUNIA - 8080

SECUNIA - 7913

SECUNIA - 7907

SECUNIA - 7858

SECUNIA - 7843

SECUNIA - 7803

SECUNIA - 7794

SECUNIA - 7756

CALDERA - CSSA-2003-004.0


Last Updated: 27 May 2016 10:37:18