Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-5184HistoryNov 21, 2008 - 2:30 a.m.
CVE-2008-5184
2008-11-2102:30:00
Debian Security Bug Tracker
security-tracker.debian.org
23
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.013
Percentile
85.6%
The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.3.8-1 | cups_1.3.8-1_all.deb |
| Debian | 11 | all | cups | < 1.3.8-1 | cups_1.3.8-1_all.deb |
| Debian | 999 | all | cups | < 1.3.8-1 | cups_1.3.8-1_all.deb |
| Debian | 13 | all | cups | < 1.3.8-1 | cups_1.3.8-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2008-5184
2008-11-21 00:00:00
CVE-2008-5183
2008-11-21 00:00:00
prion
prion
Cross site request forgery (csrf)
2008-11-21 02:30:00
Null pointer dereference
2008-11-21 02:30:00
nvd
nvd
CVE-2008-5184
2008-11-21 02:30:00
CVE-2008-5183
2008-11-21 02:30:00
cve
cve
CVE-2008-5184
2008-11-21 02:30:00
CVE-2008-5183
2008-11-21 02:30:00
cvelist
cvelist
CVE-2008-5184
2008-11-21 02:00:00
CVE-2008-5183
2008-11-21 02:00:00
debiancve
debiancve
CVE-2008-5183
2008-11-21 02:30:00
nessus
nessus
openSUSE Security Update : cups (cups-322)
2009-07-21 00:00:00
openSUSE Security Update : cups (cups-356)
2009-07-21 00:00:00
openvas
openvas
CUPS < 1.3.8 DoS Vulnerability
2008-11-26 00:00:00
FreeBSD Ports: cups-base
2008-12-03 00:00:00
FreeBSD Ports: cups-base
2008-12-03 00:00:00
securityvulns
securityvulns
CUPS integer overflow
2008-12-03 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2009-01-12 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.013
Percentile
85.6%
Related for DEBIANCVE:CVE-2008-5184