ID CVE-2004-0558
Summary The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.
References
Vulnerable Configurations
  • cpe:2.3:a:easy_software_products:cups:1.1.21
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
exploit-db via4
description CUPS 1.1.x UDP Packet Remote Denial Of Service Vulnerability. CVE-2004-0558. DoS exploit for Linux platform
id EDB-ID:24599
last seen 2016-02-02
modified 2004-09-15
published 2004-09-15
reporter Alvaro Martinez Echevarria
source https://www.exploit-db.com/download/24599/
title CUPS 1.1.x UDP Packet Remote Denial of Service Vulnerability
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SA_2004_031.NASL
    description The remote host is missing the patch for the advisory SUSE-SA:2004:031 (cups). The Common Unix Printing System (CUPS) enables local and remote users to obtain printing functionality via the Internet Printing Protocol (IPP). Alvaro Martinez Echevarria has found a remote Denial of Service condition within CUPS which allows remote users to make the cups server unresponsive. Additionally the SUSE Security Team has discovered a flaw in the foomatic-rip print filter which is commonly installed along with cups. It allows remote attackers, which are listed in the printing ACLs, to execute arbitrary commands as the printing user 'lp'.
    last seen 2019-02-21
    modified 2010-10-06
    plugin id 14730
    published 2004-09-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14730
    title SUSE-SA:2004:031: cups
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_CUPS_1121.NASL
    description The following package needs to be updated: cups-base
    last seen 2016-09-26
    modified 2004-09-16
    plugin id 14763
    published 2004-09-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14763
    title FreeBSD : cups -- print queue browser denial-of-service (27)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD20040930.NASL
    description The remote host is missing Security Update 2004-09-30. This security update contains a number of fixes for the following programs : - AFP Server - CUPS - NetInfoManager - postfix - QuickTime - ServerAdmin These programs have multiple vulnerabilities which may allow a remote attacker to execute arbitrary code.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 15420
    published 2004-10-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15420
    title Mac OS X Multiple Vulnerabilities (Security Update 2004-09-30)
  • NASL family Misc.
    NASL id CUPS_EMPTY_UDP_DOS.NASL
    description The target is running a CUPS server that supports browsing of network printers and that is vulnerable to a limited type of denial of service attack. Specifically, the browsing feature can be disabled by sending an empty UDP datagram to the CUPS server.
    last seen 2019-02-21
    modified 2018-07-06
    plugin id 15900
    published 2004-12-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15900
    title CUPS Internet Printing Protocol (IPP) Implementation Empty UDP Datagram Remote DoS
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-097.NASL
    description Alvaro Martinez Echevarria discovered a vulnerability in the CUPS print server where an empty UDP datagram sent to port 631 (the default port that cupsd listens to) would disable browsing. This would prevent cupsd from seeing any remote printers or any future remote printer changes. The updated packages are patched to protect against this vulnerability.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14753
    published 2004-09-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14753
    title Mandrake Linux Security Advisory : cups (MDKSA-2004:097)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2004-266-01.NASL
    description New CUPS packages are available for Slackware 9.1, 10.0, and -current to fix a denial of service issue where a malformed packet can crash the CUPS server.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 18752
    published 2005-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18752
    title Slackware 10.0 / 9.1 / current : CUPS DoS (SSA:2004-266-01)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2004-275.NASL
    description This update fixes a denial of service problem causing loss of browse services. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0558 to this issue. In addition, this update fixes the cupsenable, cupsdisable and accept commands. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14839
    published 2004-09-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14839
    title Fedora Core 2 : cups-1.1.20-11.3 (2004-275)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-545.NASL
    description Alvaro Martinez Echevarria discovered a problem in CUPS, the Common UNIX Printing System. An attacker can easily disable browsing in CUPS by sending a specially crafted UDP datagram to port 631 where cupsd is running.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 15382
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15382
    title Debian DSA-545-1 : cupsys - denial of service
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-449.NASL
    description Updated cups packages that fix a denial of service vulnerability are now available. The Common UNIX Printing System (CUPS) is a print spooler. Alvaro Martinez Echevarria reported a bug in the CUPS Internet Printing Protocol (IPP) implementation in versions of CUPS prior to 1.1.21. An attacker could send a carefully crafted UDP packet to the IPP port which could cause CUPS to stop listening to the port and result in a denial of service. In order to exploit this bug, an attacker would need to have the ability to send a UDP packet to the IPP port (by default 631). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0558 to this issue. All users of cups should upgrade to these updated packages, which contain a backported patch as well as a fix for a non-exploitable off-by-one bug.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 14737
    published 2004-09-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14737
    title RHEL 3 : cups (RHSA-2004:449)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200409-25.NASL
    description The remote host is affected by the vulnerability described in GLSA-200409-25 (CUPS: Denial of service vulnerability) Alvaro Martinez Echevarria discovered a hole in the CUPS Internet Printing Protocol (IPP) implementation that allows remote attackers to cause CUPS to stop listening on the IPP port. Impact : A remote user with malicious intent can easily cause a denial of service to the CUPS daemon by sending a specially crafted UDP datagram packet to the IPP port. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 14780
    published 2004-09-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14780
    title GLSA-200409-25 : CUPS: Denial of service vulnerability
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_05DCF751073311D9B45D000C41E2CDAD.NASL
    description If the CUPS server (cupsd) receives a zero-length UDP message, it will disable its print queue browser service.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 37713
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37713
    title FreeBSD : cups -- print queue browser denial-of-service (05dcf751-0733-11d9-b45d-000c41e2cdad)
oval via4
accepted 2013-04-29T04:15:33.804-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
description The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.
family unix
id oval:org.mitre.oval:def:11732
status accepted
submitted 2010-07-09T03:56:16-04:00
title The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.
version 23
redhat via4
advisories
rhsa
id RHSA-2004:449
refmap via4
apple APPLE-SA-2004-09-30
bid 11183
conectiva CLA-2004:872
debian DSA-545
fedora FLSA:2072
mandrake MDKSA-2004:097
misc https://github.com/fibonascii/CVE-2004-0558
sco SCOSA-2004.15
sunalert
  • 1000757
  • 201005
  • 57646
suse SUSE-SA:2004:031
trustix 2004-0047
xf cups-udp-dos(17389)
Last major update 17-10-2016 - 22:46
Published 28-09-2004 - 00:00
Last modified 12-03-2018 - 21:29