Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2002-1369 | First vendor Publication | 2002-12-26 |
Vendor | Cve | Last vendor Modification | 2017-10-10 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1369 |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-01-17 | Name : Debian Security Advisory DSA 232-1 (cupsys) File : nvt/deb_232_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 232-2 (cupsys) File : nvt/deb_232_2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
10742 | CUPS jobs.c Options Strings Remote Overflow A remote overflow exists in CUPS, which fails to check user-supplied input for printer attributes before being passed to the strncpy() function, resulting in a buffer overflow. With a specially crafted request, an attacker can cause stack corruption allowing them to crash the service or potentially execute arbitrary code. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-232.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-001.nasl - Type : ACT_GATHER_INFO |
2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2003_002.nasl - Type : ACT_GATHER_INFO |
2003-01-18 | Name : The remote printer service has multiple vulnerabilities. File : cups_vulns.nasl - Type : ACT_ATTACK |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:01:48 |
|
2021-04-22 01:01:55 |
|
2020-05-23 00:15:08 |
|
2017-10-10 09:23:25 |
|
2016-10-18 12:01:05 |
|
2014-02-17 10:25:19 |
|
2013-05-11 12:12:38 |
|