CVE-2008-5183

HIGHCVSS 7.5

7.5

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184.

🔗 References (42)

security@ubuntuhttp://lab.gnucitizen.org/projects/cups-0day
security@ubuntuhttp://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
security@ubuntuhttp://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
security@ubuntuhttp://secunia.com/advisories/33937
security@ubuntuhttp://secunia.com/advisories/43521
security@ubuntuhttp://support.apple.com/kb/HT3438
security@ubuntuhttp://www.debian.org/security/2011/dsa-2176
security@ubuntuhttp://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/
security@ubuntuhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:028
security@ubuntuhttp://www.openwall.com/lists/oss-security/2008/11/19/3
security@ubuntuhttp://www.openwall.com/lists/oss-security/2008/11/19/4
security@ubuntuhttp://www.openwall.com/lists/oss-security/2008/11/20/1
security@ubuntuhttp://www.redhat.com/support/errata/RHSA-2008-1029.html
security@ubuntuhttp://www.securityfocus.com/bid/32419
security@ubuntuhttp://www.securitytracker.com/id?1021396

Is Your Infrastructure Affected by CVE-2008-5183?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-5183

📅 Published

🔄 Last Modified

🔗 References (42)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-5183?