1. CVE-Search
  2. CVE-2002-1369
ID CVE-2002-1369
Summary jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
References
Vulnerable Configurations
  • cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 10-10-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
redhat via4
advisories
rhsa
id RHSA-2002:295
refmap via4
bid 6438
bugtraq 20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)
conectiva CLSA-2003:702
debian DSA-232
mandrake MDKSA-2003:001
misc http://www.idefense.com/advisory/12.19.02.txt
suse SuSE-SA:2003:002
vulnwatch 20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)
xf cups-strncat-options-bo(10910)
Last major update 10-10-2017 - 01:30
Published 26-12-2002 - 05:00
Last modified 10-10-2017 - 01:30
Back to Top