Lucene search
Aaron SigelEDB-ID:33339HistoryNov 09, 2009 - 12:00 a.m.
CUPS 'kerberos' Parameter Cross-Site Scripting Vulnerability
2009-11-0900:00:00
Aaron Sigel
www.exploit-db.com
36
EPSS
0.009
Percentile
82.7%
CUPS โkerberosโ Parameter Cross Site Scripting Vulnerability. CVE-2009-2820. Remote exploit for linux platform
source: http://www.securityfocus.com/bid/36958/info
CUPS is prone to a cross-site scripting vulnerability because the software fails to sufficiently sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
NOTE: This vulnerability was originally reported in BID 36956 (Apple Mac OS X 2009-006 Multiple Security Vulnerabilities), but has been given its own record to better document it.
This issue affects versions prior to CUPS 1.4.2.
http://www.example.com/admin/?kerberos=onmouseover=alert Related
debian
debian
[SECURITY] [DSA 1933-1] New cups packages fix cross-site scripting
2009-11-10 02:41:26
seebug
seebug
CUPS kerberosๅๆฐ่ทจ็ซ่ๆฌๆผๆด
2009-11-18 00:00:00
CUPS vulnerability
2009-11-11 00:00:00
New cups packages fix cross-site scripting
2009-11-11 00:00:00
nessus
nessus
CUPS < 1.4.2 kerberos Parameter XSS
2009-11-11 00:00:00
SuSE 11 Security Update : CUPS (SAT Patch Number 1504)
2009-11-12 00:00:00
Debian DSA-1933-1 : cups - missing input sanitising
2010-02-24 00:00:00
openvas
openvas
CUPS 'kerberos' Parameter XSS Vulnerability
2009-11-13 00:00:00
SLES11: Security update for CUPS
2009-11-17 00:00:00
Debian Security Advisory DSA 1933-1 (cups)
2009-11-17 00:00:00
nvd
nvd
CVE-2009-2820
2009-11-10 19:30:01
debiancve
debiancve
CVE-2009-2820
2009-11-10 19:30:01
ubuntu
ubuntu
CUPS vulnerability
2009-11-10 00:00:00
prion
prion
Cross site scripting
2009-11-10 19:30:00
cve
cve
CVE-2009-2820
2009-11-10 19:30:01
ubuntucve
ubuntucve
CVE-2009-2820
2009-11-09 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2020-04-10 00:39:44
exploitdb
exploitdb
CUPS - 'kerberos' Cross-Site Scripting
2009-11-11 00:00:00
cvelist
cvelist
CVE-2009-2820
2009-11-10 19:00:00
centos
centos
cups security update
2009-11-24 16:44:53
oraclelinux
oraclelinux
cups security update
2009-11-18 00:00:00
redhat
redhat
(RHSA-2009:1595) Moderate: cups security update
2009-11-18 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: cups-1.4.2-7.fc12
2009-12-01 04:34:10
[SECURITY] Fedora 10 Update: cups-1.3.11-2.fc10
2009-12-02 04:49:04
[SECURITY] Fedora 11 Update: cups-1.4.2-7.fc11
2009-12-01 04:19:25