Page 12 of 81 results (0.010 seconds)

CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 0

CVE-2007-4045 – Incomplete fix for CVE-2007-0720 CUPS denial of service

https://notcve.org/view.php?id=CVE-2007-4045

The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation. El servicio CUPS, tal y como es usado en SUSE Linux versiones anteriores a 20070720 y otras distribuciones de Linux, permite a atacantes remotos causar una denegación de servicio por medio de vectores no especificados relacionados con una corrección incompleta para CVE-2007-0720 que introdujo un problema diferente de denegación de servicio en la negociación SSL. • http://bugs.gentoo.org/show_bug.cgi?id=199195 http://secunia.com/advisories/27577 http://secunia.com/advisories/27615 http://secunia.com/advisories/28113 http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:036 http://www.novell.com/linux/security/advisories/2007_14_sr.html http://www.redhat.com/support/errata/RHSA-2007-1022.html http://www& •

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0

CVE-2007-0720

https://notcve.org/view.php?id=CVE-2007-0720

The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. El servicio CUPS en múltiples plataformas permite que los atacantes remotos causen una denegación de servicio (suspensión de servicio) por medio de una conexión SSL "partially-negotiated", lo que impide que otras peticiones sean aceptadas. • http://docs.info.apple.com/article.html?artnum=305214 http://fedoranews.org/cms/node/2785 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://secunia.com/advisories/24517 http://secunia.com/advisories/24530 http://secunia.com/advisories/24660 http://secunia.com/advisories/24878 http://secunia.com/advisories/24895 http://secunia.com/advisories/25119 http://secunia.com/advisories/25497 http://secunia.com/advisori •

CVSS: 5.0EPSS: 9%CPEs: 45EXPL: 2

CVE-2005-2874

https://notcve.org/view.php?id=CVE-2005-2874

The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request. • http://lwn.net/Alerts/152835 http://securitytracker.com/id?1012811 http://www.cups.org/relnotes.php#010123 http://www.cups.org/str.php?L1042+P0+S-1+C0+I0+E0+Q1042 http://www.redhat.com/support/errata/RHSA-2005-772.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9774 https://access.redhat.com/security/cve/CVE-2005-2874 https://bugzilla.redhat.com/show_bug.cgi?id= •

CVSS: 7.5EPSS: 0%CPEs: 146EXPL: 0

CVE-2005-0206

https://notcve.org/view.php?id=CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podría dejar a los usuarios de Xpdf expuestos a las vulnerabilidades originales. • http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 http://www.mandriva.com/security/advisories?name=MDKSA-2005:042 http://www.mandriva.com/security/advisories?name=MDKSA-2005:043 http://www.mandriva.com/security/advisories?name=MDKSA-2005:044 http://www.mandriva.com/security/advisories? •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2004-2154

https://notcve.org/view.php?id=CVE-2004-2154

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. • http://www.cups.org/str.php?L700 http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.redhat.com/support/errata/RHSA-2005-571.html http://www.ubuntu.com/usn/usn-185-1 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163274 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9940 https://access.redhat.com/security/cve/CVE-2004-2154 https://bugzilla • CWE-178: Improper Handling of Case Sensitivity •