CVE-2004-1268

high

Description

lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.

References

https://usn.ubuntu.com/50-1/

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398

https://exchange.xforce.ibmcloud.com/vulnerabilities/18606

http://www.redhat.com/support/errata/RHSA-2005-053.html

http://www.redhat.com/support/errata/RHSA-2005-013.html

http://www.mandriva.com/security/advisories?name=MDKSA-2005:008

http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml

Details

Source: Mitre, NVD

Published: 2005-01-10

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

EPSS

EPSS: 0.00107

Detections

Analytics