// For flags

CVE-2008-0596

cups: memory leak handling IPP browse requests

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers.

Fuga de memoria en CUPS versiones anteriores a 1.1.22 y posiblemente otras versiones, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y caída del demonio) a través de un gran número de peticiones para añadir y eliminar impresoras compartidas.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
Attack Vector
Adjacent
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-02-05 CVE Reserved
  • 2008-02-26 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-11-22 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
  • CWE-401: Missing Release of Memory after Effective Lifetime
CAPEC
References (23)
URL Tag Source
http://docs.info.apple.com/article.html?artnum=307562 X_refsource_confirm
http://secunia.com/advisories/29189 Third Party Advisory
http://secunia.com/advisories/29251 Third Party Advisory
http://secunia.com/advisories/29420 Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-098.htm X_refsource_confirm
http://wiki.rpath.com/Advisories:rPSA-2008-0091 X_refsource_confirm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0091 X_refsource_confirm
http://www.securityfocus.com/archive/1/488966/100/0/threaded Mailing List
http://www.securityfocus.com/bid/27988 Vdb Entry
http://www.securitytracker.com/id?1019497 Vdb Entry
http://www.vupen.com/english/advisories/2008/0924/references Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/40842 Vdb Entry
https://issues.rpath.com/browse/RPL-2283 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10857 Signature
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html 2023-02-13
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00000.html 2023-02-13
http://secunia.com/advisories/29087 2023-02-13
http://www.mandriva.com/security/advisories?name=MDVSA-2008:050 2023-02-13
http://www.redhat.com/support/errata/RHSA-2008-0153.html 2023-02-13
http://www.redhat.com/support/errata/RHSA-2008-0161.html 2023-02-13
https://access.redhat.com/security/cve/CVE-2008-0596 2008-02-25
https://bugzilla.redhat.com/show_bug.cgi?id=433825 2008-02-25
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.17
Search vendor "Easy Software Products" for product "Cups" and version "1.1.17"
-
Affected
in Redhat
Search vendor "Redhat"
 Desktop
Search vendor "Redhat" for product "Desktop"
 3.0
Search vendor "Redhat" for product "Desktop" and version "3.0"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.17
Search vendor "Easy Software Products" for product "Cups" and version "1.1.17"
-
Affected
in Redhat
Search vendor "Redhat"
 Desktop
Search vendor "Redhat" for product "Desktop"
 4.0
Search vendor "Redhat" for product "Desktop" and version "4.0"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.17
Search vendor "Easy Software Products" for product "Cups" and version "1.1.17"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 as_3
Search vendor "Redhat" for product "Enterprise Linux" and version "as_3"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.17
Search vendor "Easy Software Products" for product "Cups" and version "1.1.17"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 as_4
Search vendor "Redhat" for product "Enterprise Linux" and version "as_4"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.17
Search vendor "Easy Software Products" for product "Cups" and version "1.1.17"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 es_3
Search vendor "Redhat" for product "Enterprise Linux" and version "es_3"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.17
Search vendor "Easy Software Products" for product "Cups" and version "1.1.17"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 es_4
Search vendor "Redhat" for product "Enterprise Linux" and version "es_4"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.17
Search vendor "Easy Software Products" for product "Cups" and version "1.1.17"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 ws_3
Search vendor "Redhat" for product "Enterprise Linux" and version "ws_3"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.17
Search vendor "Easy Software Products" for product "Cups" and version "1.1.17"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 ws_4
Search vendor "Redhat" for product "Enterprise Linux" and version "ws_4"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.22
Search vendor "Easy Software Products" for product "Cups" and version "1.1.22"
-
Affected
in Redhat
Search vendor "Redhat"
 Desktop
Search vendor "Redhat" for product "Desktop"
 3.0
Search vendor "Redhat" for product "Desktop" and version "3.0"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.22
Search vendor "Easy Software Products" for product "Cups" and version "1.1.22"
-
Affected
in Redhat
Search vendor "Redhat"
 Desktop
Search vendor "Redhat" for product "Desktop"
 4.0
Search vendor "Redhat" for product "Desktop" and version "4.0"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.22
Search vendor "Easy Software Products" for product "Cups" and version "1.1.22"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 as_3
Search vendor "Redhat" for product "Enterprise Linux" and version "as_3"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.22
Search vendor "Easy Software Products" for product "Cups" and version "1.1.22"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 as_4
Search vendor "Redhat" for product "Enterprise Linux" and version "as_4"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.22
Search vendor "Easy Software Products" for product "Cups" and version "1.1.22"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 es_3
Search vendor "Redhat" for product "Enterprise Linux" and version "es_3"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.22
Search vendor "Easy Software Products" for product "Cups" and version "1.1.22"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 es_4
Search vendor "Redhat" for product "Enterprise Linux" and version "es_4"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.22
Search vendor "Easy Software Products" for product "Cups" and version "1.1.22"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 ws_3
Search vendor "Redhat" for product "Enterprise Linux" and version "ws_3"
-
Safe
Easy Software Products
Search vendor "Easy Software Products"
 Cups
Search vendor "Easy Software Products" for product "Cups"
 1.1.22
Search vendor "Easy Software Products" for product "Cups" and version "1.1.22"
-
Affected
in Redhat
Search vendor "Redhat"
 Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
 ws_4
Search vendor "Redhat" for product "Enterprise Linux" and version "ws_4"
-
Safe