CVE-2011-4405
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle (MITM) attack that modifies packages or repositories.
Los scripts cupshelpers en system-config-printer en Ubuntu v11.04 y v11.10, como es usado por el servicio de descarga del controlador automático de impresión, usa una "conexión insegura" para peticiones de la base de datos OpenPrinting, lo que permite a atacantes remotos ejecutar código de su elección a través de un ataque 'man-in-the-middle (MITM)' que modifica paquetes o repositorios.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-11-07 CVE Reserved
- 2011-11-17 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-07 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://osvdb.org/77214 | Vdb Entry | |
http://www.securityfocus.com/bid/50721 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/71394 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/46909 | 2017-08-29 | |
http://www.ubuntu.com/usn/USN-1265-1 | 2017-08-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 11.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "11.04" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 11.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "11.10" | - |
Affected
|