exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2010-0540

Status Candidate

Overview

Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.

Related Files

Gentoo Linux Security Advisory 201207-10
Posted Jul 10, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201207-10 - Multiple vulnerabilities have been found in CUPS, some of which may allow execution of arbitrary code or local privilege escalation. Versions less than 1.4.8-r1 are affected.

tags | advisory, arbitrary, local, vulnerability
systems | linux, gentoo
advisories | CVE-2009-3553, CVE-2010-0302, CVE-2010-0393, CVE-2010-0540, CVE-2010-0542, CVE-2010-1748, CVE-2010-2431, CVE-2010-2432, CVE-2010-2941, CVE-2011-3170
SHA-256 | ac1a9fddc193fe58d21d0ca7c54126b91d2ff39c64167361020f526fdbf282f1
Debian Security Advisory 2176-1
Posted Mar 2, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2176-1 - Several vulnerabilities have been discovered in the Common UNIX Printing System. A null pointer dereference in RSS job completion notifications could lead to denial of service. It was discovered that incorrect file descriptor handling could lead to denial of service. A cross-site request forgery vulnerability was discovered in the web interface. Incorrect memory management in the filter subsystem could lead to denial of service. Emmanuel Bouillon discovered a symlink vulnerability in handling of cache files. Various other issues were also addressed.

tags | advisory, web, denial of service, vulnerability, csrf
systems | linux, unix, debian
advisories | CVE-2008-5183, CVE-2009-3553, CVE-2010-0540, CVE-2010-0542, CVE-2010-1748, CVE-2010-2431, CVE-2010-2432, CVE-2010-2941
SHA-256 | 21901e6c776cf699416e364a1c536e8ae21ddbb297893d90aec7aef45ed8caff
Mandriva Linux Security Advisory 2010-234
Posted Nov 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-234 - Cross-site request forgery vulnerability in the web interface in CUPS, allows remote attackers to hijack the authentication of administrators for requests that change settings. The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted file. The web interface in CUPS, reads uninitialized memory during handling of form variables, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via unspecified vectors. The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the /var/cache/cups/job.cache file. ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. The updated packages have been upgraded to cups 1.3.10 and patched to correct these issues.

tags | advisory, remote, web, denial of service, arbitrary, local, csrf
systems | linux, mandriva
advisories | CVE-2010-0540, CVE-2010-0542, CVE-2010-1748, CVE-2010-2431, CVE-2010-2941
SHA-256 | 0dab4ef60a555b01565c5907cb2d99a63df8c8d71c529e3b72fcfb550aa56f4c
Mandriva Linux Security Advisory 2010-233
Posted Nov 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-233 - Cross-site request forgery vulnerability in the web interface in CUPS, allows remote attackers to hijack the authentication of administrators for requests that change settings. ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. The updated packages have been patched to correct these issues.

tags | advisory, remote, web, denial of service, arbitrary, csrf
systems | linux, mandriva
advisories | CVE-2010-0540, CVE-2010-2941
SHA-256 | 4429a0ea4f7a712c583880adb10367e54b0ebca555534e9ce7b942a78300259e
Mandriva Linux Security Advisory 2010-232
Posted Nov 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-232 - Cross-site request forgery vulnerability in the web interface in CUPS, allows remote attackers to hijack the authentication of administrators for requests that change settings. The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted file. The web interface in CUPS, reads uninitialized memory during handling of form variables, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via unspecified vectors. The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the /var/cache/cups/job.cache file. ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

tags | advisory, remote, web, denial of service, arbitrary, local, csrf
systems | linux, mandriva
advisories | CVE-2010-0540, CVE-2010-0542, CVE-2010-1748, CVE-2010-2431, CVE-2010-2941
SHA-256 | 04e93c19aeb95affc703012416b9a127b061954e7f95f0664a38bba985b44c89
Ubuntu Security Notice 952-1
Posted Jun 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 952-1 - Adrian Pastor and Tim Starling discovered that the CUPS web interface incorrectly protected against cross-site request forgery (CSRF) attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly steal confidential data. It was discovered that CUPS did not properly handle memory allocations in the texttops filter. If a user or automated system were tricked into printing a crafted text file, a remote attacker could cause a denial of service or possibly execute arbitrary code with privileges of the CUPS user (lp). Luca Carettoni discovered that the CUPS web interface incorrectly handled form variables. A remote attacker who had access to the CUPS web interface could use this flaw to read a limited amount of memory from the cupsd process and possibly obtain confidential data.

tags | advisory, remote, web, denial of service, arbitrary, csrf
systems | linux, ubuntu
advisories | CVE-2010-0540, CVE-2010-0542, CVE-2010-1748
SHA-256 | d6b0dd56c3037c879f67bee3d005df81cfa31ae5a24b1282c543cddedbbda89f
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close