CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
98.6%
It was discovered that CUPS didn’t properly handle adding a large number of RSS
subscriptions. A local user could exploit this and cause CUPS to crash, leading
to a denial of service. This issue only applied to Ubuntu 7.10, 8.04 LTS and
8.10. (CVE-2008-5183)
It was discovered that CUPS did not authenticate users when adding and
cancelling RSS subscriptions. An unprivileged local user could bypass intended
restrictions and add a large number of RSS subscriptions. This issue only
applied to Ubuntu 7.10 and 8.04 LTS. (CVE-2008-5184)
It was discovered that the PNG filter in CUPS did not properly handle certain
malformed images. If a user or automated system were tricked into opening a
crafted PNG image file, a remote attacker could cause a denial of service or
execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10,
attackers would be isolated by the AppArmor CUPS profile. (CVE-2008-5286)
It was discovered that the example pstopdf CUPS filter created log files in an
insecure way. Local users could exploit a race condition to create or overwrite
files with the privileges of the user invoking the program. This issue only
applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. (CVE-2008-5377)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.10 | noarch | cups | < 1.3.9-2ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | cups | < bsd-1.3.9-2ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | cups | < client-1.3.9-2ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | cups | < dbg-1.3.9-2ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libcups2 | < 1.3.9-2ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libcups2 | < dev-1.3.9-2ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libcupsimage2 | < 1.3.9-2ubuntu6.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libcupsimage2 | < dev-1.3.9-2ubuntu6.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | cupsys | < 1.3.7-1ubuntu3.3 | UNKNOWN |
Ubuntu | 8.04 | noarch | cupsys-bsd | < 1.3.7-1ubuntu3.3 | UNKNOWN |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
98.6%