CVE-2004-1268

low

Description

lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.

References

http://tigger.uic.edu/~jlongs2/holes/cups2.txt

http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml

http://www.mandriva.com/security/advisories?name=MDKSA-2005:008

http://www.redhat.com/support/errata/RHSA-2005-013.html

http://www.redhat.com/support/errata/RHSA-2005-053.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/18606

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398

https://usn.ubuntu.com/50-1/

Details

Source: MITRE

Published: 2005-01-10

Updated: 2018-10-03

Type: NVD-CWE-Other

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW