5

CVE-2005-2874

Exploit

The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Easy Software ProductsCups Version1.1
Easy Software ProductsCups Version1.1.1
Easy Software ProductsCups Version1.1.2
Easy Software ProductsCups Version1.1.3
Easy Software ProductsCups Version1.1.4
Easy Software ProductsCups Version1.1.5
Easy Software ProductsCups Version1.1.5_1
Easy Software ProductsCups Version1.1.5_2
Easy Software ProductsCups Version1.1.6
Easy Software ProductsCups Version1.1.6_1
Easy Software ProductsCups Version1.1.6_2
Easy Software ProductsCups Version1.1.6_3
Easy Software ProductsCups Version1.1.7
Easy Software ProductsCups Version1.1.8
Easy Software ProductsCups Version1.1.9
Easy Software ProductsCups Version1.1.9_1
Easy Software ProductsCups Version1.1.10
Easy Software ProductsCups Version1.1.10_1
Easy Software ProductsCups Version1.1.11
Easy Software ProductsCups Version1.1.12
Easy Software ProductsCups Version1.1.13
Easy Software ProductsCups Version1.1.14
Easy Software ProductsCups Version1.1.15
Easy Software ProductsCups Version1.1.16
Easy Software ProductsCups Version1.1.17
Easy Software ProductsCups Version1.1.18
Easy Software ProductsCups Version1.1.19
Easy Software ProductsCups Version1.1.19_rc1
Easy Software ProductsCups Version1.1.19_rc2
Easy Software ProductsCups Version1.1.19_rc3
Easy Software ProductsCups Version1.1.19_rc4
Easy Software ProductsCups Version1.1.19_rc5
Easy Software ProductsCups Version1.1.20
Easy Software ProductsCups Version1.1.20_rc1
Easy Software ProductsCups Version1.1.20_rc2
Easy Software ProductsCups Version1.1.20_rc3
Easy Software ProductsCups Version1.1.20_rc4
Easy Software ProductsCups Version1.1.20_rc5
Easy Software ProductsCups Version1.1.20_rc6
Easy Software ProductsCups Version1.1.21
Easy Software ProductsCups Version1.1.21_rc1
Easy Software ProductsCups Version1.1.21_rc2
Easy Software ProductsCups Version1.1.22
Easy Software ProductsCups Version1.1.22_rc1
Easy Software ProductsCups Version1.1.22_rc2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.43% 0.798
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
http://securitytracker.com/id?1012811
Patch
Vendor Advisory
Exploit