CVE-2010-2432

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:Resource Management Error

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2008-5183, CVE-2009-3553, CVE-2010-0540, CVE-2010-0542, CVE-2010-1748, CVE-2010-2431, CVE-2010-2941

Published on 22/06/10 - Updated on 15/05/13

Description

The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.

Category: Resource Management Error

CWE-399 (Resource Management Errors)
Weaknesses in this category are related to improper management of system resources.

Security Notices

US National Vulnerability DatabaseCVE-2010-2432
Debian DSA-2176-1
Renater 2011/VULN168

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
applecups

Share this vulnerability with:

Twitter Facebook LinkedIn Mail