Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1268

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-1268
Last Modified 21 Aug 2010 12:22:07
Published 10 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-1268

Summary

lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.

Vulnerable Systems

Operating System

  • Redhat Fedora Core Core 2.0

  • Redhat Fedora Core Core 3.0

Application

  • Easy Software Products Cups 1.0.4

  • Easy Software Products Cups 1.0.4 8

  • Easy Software Products Cups 1.1.1

  • Easy Software Products Cups 1.1.10

  • Easy Software Products Cups 1.1.12

  • Easy Software Products Cups 1.1.13

  • Easy Software Products Cups 1.1.14

  • Easy Software Products Cups 1.1.15

  • Easy Software Products Cups 1.1.16

  • Easy Software Products Cups 1.1.17

  • Easy Software Products Cups 1.1.18

  • Easy Software Products Cups 1.1.19

  • Easy Software Products Cups 1.1.19 Rc5

  • Easy Software Products Cups 1.1.20

  • Easy Software Products Cups 1.1.21

  • Easy Software Products Cups 1.1.22 Rc1

  • Easy Software Products Cups 1.1.4

  • Easy Software Products Cups 1.1.4 2

  • Easy Software Products Cups 1.1.4 3

  • Easy Software Products Cups 1.1.4 5

  • Easy Software Products Cups 1.1.6

  • Easy Software Products Cups 1.1.7


References

XF - cups-lppasswd-passwd-truncate(18606)

REDHAT - RHSA-2005:053

REDHAT - RHSA-2005:013

MISC - http://tigger.uic.edu/~jlongs2/holes/cups2.txt

UBUNTU - USN-50-1

MANDRAKE - MDKSA-2005:008

GENTOO - GLSA-200412-25


Last Updated: 27 May 2016 10:38:58