Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0164

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2009-0164
Last Modified 16 May 2009 01:29:01
Published 24 Apr 2009 11:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0164

Summary

The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.

Vulnerable Systems

Application

  • Apple Cups 1.1

  • Apple Cups 1.1.1

  • Apple Cups 1.1.10

  • Apple Cups 1.1.10-1

  • Apple Cups 1.1.11

  • Apple Cups 1.1.12

  • Apple Cups 1.1.13

  • Apple Cups 1.1.14

  • Apple Cups 1.1.15

  • Apple Cups 1.1.16

  • Apple Cups 1.1.17

  • Apple Cups 1.1.18

  • Apple Cups 1.1.19

  • Apple Cups 1.1.2

  • Apple Cups 1.1.20

  • Apple Cups 1.1.21

  • Apple Cups 1.1.22

  • Apple Cups 1.1.23

  • Apple Cups 1.1.3

  • Apple Cups 1.1.4

  • Apple Cups 1.1.5

  • Apple Cups 1.1.5-1

  • Apple Cups 1.1.5-2

  • Apple Cups 1.1.6

  • Apple Cups 1.1.6-1

  • Apple Cups 1.1.6-2

  • Apple Cups 1.1.6-3

  • Apple Cups 1.1.7

  • Apple Cups 1.1.8

  • Apple Cups 1.1.9

  • Apple Cups 1.1.9-1

  • Apple Cups 1.2

  • Apple Cups 1.2.0

  • Apple Cups 1.2.1

  • Apple Cups 1.2.10

  • Apple Cups 1.2.11

  • Apple Cups 1.2.12

  • Apple Cups 1.2.2

  • Apple Cups 1.2.3

  • Apple Cups 1.2.4

  • Apple Cups 1.2.5

  • Apple Cups 1.2.6

  • Apple Cups 1.2.7

  • Apple Cups 1.2.8

  • Apple Cups 1.2.9

  • Apple Cups 1.3

  • Apple Cups 1.3.0

  • Apple Cups 1.3.1

  • Apple Cups 1.3.2

  • Apple Cups 1.3.3

  • Apple Cups 1.3.4

  • Apple Cups 1.3.5

  • Apple Cups 1.3.6

  • Apple Cups 1.3.7

  • Apple Cups 1.3.8

  • Apple Cups 1.3.9


References

CERT - TA09-133A

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=490597

CONFIRM - http://www.cups.org/str.php?L3118

CONFIRM - http://www.cups.org/articles.php?L582

VUPEN - ADV-2009-1297

BID - 34665

BUGTRAQ - 20090417 rPSA-2009-0061-1 cups

CONFIRM - http://wiki.rpath.com/Advisories:rPSA-2009-0061

CONFIRM - http://support.apple.com/kb/HT3549

GENTOO - GLSA-200904-20

SECUNIA - 35074

APPLE - APPLE-SA-2009-05-12

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=263070

Related Patches

Apple 2009-05-12 Security Update 2009-002 Server (Tiger PPC)

Apple 2009-05-12 Security Update 2009-002 (Tiger PPC)

Apple 2009-05-12 Mac OS X 10.5.7 Combo Update

Apple 2009-05-12 Mac OS X Server 10.5.7 Update

Apple 2009-05-12 Mac OS X 10.5.7 Update

Apple 2009-05-12 Security Update 2009-002 (Tiger Intel)

Apple 2009-05-12 Mac OS X Server 10.5.7 Combo Update


Last Updated: 27 May 2016 10:50:08