Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2010 Greenbone AGOPENVAS:1361412562310801664
HistoryDec 21, 2010 - 12:00 a.m.

CUPS < 1.4.4 Information Disclosure Vulnerability

2010-12-2100:00:00
Copyright (C) 2010 Greenbone AG
plugins.openvas.org
22

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

8.3

Confidence

High

EPSS

0.013

Percentile

85.7%

JSON

CUPS is prone to an information disclosure vulnerability.

# SPDX-FileCopyrightText: 2010 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:apple:cups";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.801664");
  script_version("2023-08-15T05:05:29+0000");
  script_tag(name:"last_modification", value:"2023-08-15 05:05:29 +0000 (Tue, 15 Aug 2023)");
  script_tag(name:"creation_date", value:"2010-12-21 15:42:46 +0100 (Tue, 21 Dec 2010)");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:N/A:N");

  script_cve_id("CVE-2010-1748");

  script_tag(name:"qod_type", value:"remote_vul");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("CUPS < 1.4.4 Information Disclosure Vulnerability");

  script_category(ACT_ATTACK);

  script_copyright("Copyright (C) 2010 Greenbone AG");
  script_family("Web Servers");
  script_dependencies("gb_cups_http_detect.nasl");
  script_require_ports("Services/www", 631);
  script_mandatory_keys("cups/http/detected");

  script_tag(name:"summary", value:"CUPS is prone to an information disclosure vulnerability.");

  script_tag(name:"insight", value:"This flaw is due to an error in 'cgi_initialize_string' function
  in 'cgi-bin/var.c' which mishandles input parameters containing the '%' character.");

  script_tag(name:"impact", value:"Successful exploitation will allow attackers to obtain sensitive
  information from cupsd process memory via a crafted request.");

  script_tag(name:"affected", value:"CUPS version 1.4.3 and prior.");

  script_tag(name:"solution", value:"Update to version 1.4.4 or later.");

  script_xref(name:"URL", value:"http://cups.org/str.php?L3577");
  script_xref(name:"URL", value:"http://cups.org/articles.php?L596");
  script_xref(name:"URL", value:"http://secunia.com/advisories/40220");
  script_xref(name:"URL", value:"https://github.com/apple/cups/issues/3577");

  exit(0);
}

include("http_func.inc");
include("http_keepalive.inc");
include("host_details.inc");

if( ! port = get_app_port( cpe:CPE ) )
  exit( 0 );

if( ! get_app_location( port:port, cpe:CPE, nofork:TRUE ) )
  exit( 0 );

url = "/admin?OP=redirect&URL=%";

req = http_get( item:url, port:port );
res = http_keepalive_send_recv( port:port, data:req );

if( egrep( pattern:'^Location\\s*:.*%FF.*/cups/cgi-bin/admin\\.cgi', string:res ) ) {
  report = http_report_vuln_url( url:url, port:port );
  security_message( port:port, data:report );
  exit( 0 );
}

exit( 99 );

Related

veracode 1
debiancve 1
prion 1
seebug 1
nvd 1
exploitdb 1
cvelist 1
nessus 22
ubuntucve 1
cve 1
openvas 29
oraclelinux 1
slackware 1
redhat 1
centos 1
ubuntu 1
fedora 5
osv 1
debian 1
gentoo 1
veracode
veracode
Information Disclosure
2020-04-10 00:44:31
debiancve
debiancve
CVE-2010-1748
2010-06-17 16:30:01
prion
prion
Design/Logic Flaw
2010-06-17 16:30:00
seebug
seebug
Mac OS X CUPS Web界面信息泄露漏洞
2010-06-21 00:00:00
nvd
nvd
CVE-2010-1748
2010-06-17 16:30:01
exploitdb
exploitdb
CUPS 1.4.2 - Web Interface Information Disclosure
2010-06-15 00:00:00
cvelist
cvelist
CVE-2010-1748
2010-06-17 16:00:00
nessus
nessus
CUPS Memory Information Disclosure
2010-07-14 00:00:00
Fedora 11 : cups-1.4.4-4.fc11 (2010-10066)
2010-07-01 00:00:00
RHEL 3 / 4 / 5 : cups (RHSA-2010:0490)
2010-06-18 00:00:00
ubuntucve
ubuntucve
CVE-2010-1748
2010-06-17 00:00:00
cve
cve
CVE-2010-1748
2010-06-17 16:30:01
openvas
openvas
CUPS < 1.4.4 Multiple Vulnerabilities
2010-06-22 00:00:00
RedHat Update for cups RHSA-2010:0490-01
2010-06-18 00:00:00
CentOS Update for cups CESA-2010:0490 centos3 i386
2010-08-20 00:00:00
oraclelinux
oraclelinux
cups security update
2010-06-17 00:00:00
slackware
slackware
[slackware-security] cups
2010-06-25 18:33:46
redhat
redhat
(RHSA-2010:0490) Important: cups security update
2010-06-17 00:00:00
centos
centos
cups security update
2010-06-19 23:35:01
ubuntu
ubuntu
CUPS vulnerabilities
2010-06-21 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: cups-1.4.4-5.fc13
2010-07-01 18:44:56
[SECURITY] Fedora 12 Update: cups-1.4.4-5.fc12
2010-07-27 02:46:22
[SECURITY] Fedora 11 Update: cups-1.4.4-4.fc11
2010-06-25 18:10:49
osv
osv
cups - several
2011-03-02 00:00:00
debian
debian
[SECURITY] [DSA 2176-1] cups security update
2011-03-01 23:31:10
gentoo
gentoo
CUPS: Multiple vulnerabilities
2012-07-09 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

8.3

Confidence

High

EPSS

0.013

Percentile

85.7%

JSON
Related for OPENVAS:1361412562310801664
veracode1debiancve1prion1seebug1nvd1exploitdb1cvelist1nessus22ubuntucve1cve1openvas29oraclelinux1slackware1redhat1centos1ubuntu1fedora5osv1debian1gentoo1