var-200212-0655
Vulnerability from variot
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Common Unix Printing System (CUPS) Some UNIX Included in the UNIX Can be used universally in the environment Internet Printing Protocol version 1.1 (IPP/1.1) Is a printing system that supports Red Hat Linux 7.3 as well as 8.0 It is also bundled with. this CUPS Has the following security issues: still, Red Hat Linux Then CUPS Is disabled in the default installation. 1. Overflow due to overflow of integer digits * [CAN-2002-1383] CUPS There are a few problems with overflowing integer digits. For example, HTTP By exploiting this issue through the interface, a remote attacker can CUPSd Execute permission ( A user lp) Can execute arbitrary code. 2. Resource race condition for temporary file generation processing (race condition) Problem * [CAN-2002-1366] CUPS Is /etc/cups/certs/ less than pid ( Generation time CUPS Process ID) Creates a temporary file with a file name of, so a local attacker can predict how the temporary file name is determined. Therefore, by creating a file with the same name as the temporary file that points to the intended file, root Any file can be overwritten or created with authority. In order to execute this attack, 1. In advance, lp User rights are required. 3. Printer addition mechanism / Problems with the access control function * [CAN-2002-1367] Malicious maliciously created remotely UDP Packet CUPS By sending to, you can bypass the authentication and add a printer. Furthermore, there is a problem that the access control mechanism of the printer addition mechanism neglects the validity check. The added printer information is root Since it is interpreted by the authority, any print can be added by using these problems together. As a result, local attackers root Elevation to privilege is possible. 4. Intentionally created HTTP By communication CUPSd That crashes [CAN-2002-1368] CUPS Then IPP To accept connections on the backend HTTP server (CUPSd) Is included. To restore normal operation CUPSd Needs to be restarted. 5. strncat Problem of buffer overflow caused by function [CAN-2002-1369] CUPS Has a buffer overflow problem when receiving a printer job with a specific attribute value. By using this issue, a remote attacker can root It is possible to execute arbitrary code with authority. To take advantage of this issue, 3. Need to take advantage of the problem. 6.GIF Problems when handling file formats [CAN-2002-1371] CUPS In GIF Width in the part that handles format files (width) There is a problem with the process of validating the value of. For this reason, remote attackers are deliberately assembled (width) But '0' Is GIF Overwrite the allocated memory contents by interpreting the format file, CUPS An arbitrary code may be executed with the execution right. 7. File descriptor issues with sockets and files * [CAN-2002-1372] CUPS Has a problem that does not properly close file descriptors for sockets and files. For this reason, local attackers can use this issue to cause memory leaks, CUPS It is possible to put the entire system running in a service out of service state.Please refer to the “Overview” for the impact of this vulnerability. A vulnerability has been reported for CUPS that if exploited may result in a DoS or the execute of code on affected systems. An attacker can exploit this vulnerability by connecting to a vulnerable system and issuing malformed HTTP headers with a negative value for some fields. When the cupsd service receives this request, it will crash. This vulnerability is very similar to the issue described in BID 5033. It may be very likely that this vulnerability may be exploited to execute malicious attacker-supplied code on BSD, and possibly other, platforms. *** January 05, 2003 There are reports of this vulnerability being actively exploited in the wild. Vulnerable users are advised to update immediately
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0655",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cups",
"scope": "eq",
"trust": 1.6,
"vendor": "easy products",
"version": "1.1.4_2"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.1.1"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.1.10"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.1.4"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.0.4"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.1.14"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.1.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.1.17"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.1.13"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.0.4_8"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.1.4_5"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.1.4_3"
},
{
"model": "cups",
"scope": "eq",
"trust": 1.0,
"vendor": "easy products",
"version": "1.1.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.17"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.16"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.15"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.14"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.13"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.12"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.10"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.7"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.6"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-5"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-3"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-2"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.1"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4-8"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "software products cups",
"scope": "ne",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.18"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
}
],
"sources": [
{
"db": "BID",
"id": "6437"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000332"
},
{
"db": "NVD",
"id": "CVE-2002-1368"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-076"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1368"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by zen-parse.",
"sources": [
{
"db": "BID",
"id": "6437"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-076"
}
],
"trust": 0.9
},
"cve": "CVE-2002-1368",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2002-1368",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-5753",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1368",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-076",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-5753",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5753"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000332"
},
{
"db": "NVD",
"id": "CVE-2002-1368"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-076"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Common Unix Printing System (CUPS) Some UNIX Included in the UNIX Can be used universally in the environment Internet Printing Protocol version 1.1 (IPP/1.1) Is a printing system that supports Red Hat Linux 7.3 as well as 8.0 It is also bundled with. this CUPS Has the following security issues: still, Red Hat Linux Then CUPS Is disabled in the default installation. 1. Overflow due to overflow of integer digits * [CAN-2002-1383] CUPS There are a few problems with overflowing integer digits. For example, HTTP By exploiting this issue through the interface, a remote attacker can CUPSd Execute permission ( A user lp) Can execute arbitrary code. 2. Resource race condition for temporary file generation processing (race condition) Problem * [CAN-2002-1366] CUPS Is /etc/cups/certs/ less than pid ( Generation time CUPS Process ID) Creates a temporary file with a file name of, so a local attacker can predict how the temporary file name is determined. Therefore, by creating a file with the same name as the temporary file that points to the intended file, root Any file can be overwritten or created with authority. In order to execute this attack, 1. In advance, lp User rights are required. 3. Printer addition mechanism / Problems with the access control function * [CAN-2002-1367] Malicious maliciously created remotely UDP Packet CUPS By sending to, you can bypass the authentication and add a printer. Furthermore, there is a problem that the access control mechanism of the printer addition mechanism neglects the validity check. The added printer information is root Since it is interpreted by the authority, any print can be added by using these problems together. As a result, local attackers root Elevation to privilege is possible. 4. Intentionally created HTTP By communication CUPSd That crashes [CAN-2002-1368] CUPS Then IPP To accept connections on the backend HTTP server (CUPSd) Is included. To restore normal operation CUPSd Needs to be restarted. 5. strncat Problem of buffer overflow caused by function [CAN-2002-1369] CUPS Has a buffer overflow problem when receiving a printer job with a specific attribute value. By using this issue, a remote attacker can root It is possible to execute arbitrary code with authority. To take advantage of this issue, 3. Need to take advantage of the problem. 6.GIF Problems when handling file formats [CAN-2002-1371] CUPS In GIF Width in the part that handles format files (width) There is a problem with the process of validating the value of. For this reason, remote attackers are deliberately assembled (width) But \u00270\u0027 Is GIF Overwrite the allocated memory contents by interpreting the format file, CUPS An arbitrary code may be executed with the execution right. 7. File descriptor issues with sockets and files * [CAN-2002-1372] CUPS Has a problem that does not properly close file descriptors for sockets and files. For this reason, local attackers can use this issue to cause memory leaks, CUPS It is possible to put the entire system running in a service out of service state.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. A vulnerability has been reported for CUPS that if exploited may result in a DoS or the execute of code on affected systems. \nAn attacker can exploit this vulnerability by connecting to a vulnerable system and issuing malformed HTTP headers with a negative value for some fields. When the cupsd service receives this request, it will crash. \nThis vulnerability is very similar to the issue described in BID 5033. It may be very likely that this vulnerability may be exploited to execute malicious attacker-supplied code on BSD, and possibly other, platforms. \n*** January 05, 2003\nThere are reports of this vulnerability being actively exploited in the wild. Vulnerable users are advised to update immediately",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1368"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000332"
},
{
"db": "BID",
"id": "6437"
},
{
"db": "VULHUB",
"id": "VHN-5753"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5753",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5753"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1368",
"trust": 2.8
},
{
"db": "BID",
"id": "6437",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "7858",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "7756",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "9325",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "7913",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "7803",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "7843",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "7907",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "7794",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "8080",
"trust": 1.1
},
{
"db": "BID",
"id": "6435",
"trust": 0.8
},
{
"db": "BID",
"id": "6439",
"trust": 0.8
},
{
"db": "BID",
"id": "6434",
"trust": 0.8
},
{
"db": "BID",
"id": "6433",
"trust": 0.8
},
{
"db": "BID",
"id": "6440",
"trust": 0.8
},
{
"db": "BID",
"id": "6436",
"trust": 0.8
},
{
"db": "BID",
"id": "6438",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000332",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200212-076",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "22106",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-75917",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5753",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5753"
},
{
"db": "BID",
"id": "6437"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000332"
},
{
"db": "NVD",
"id": "CVE-2002-1368"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-076"
}
]
},
"id": "VAR-200212-0655",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5753"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:33:09.216000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RHSA-2002:295",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2002-295.html"
},
{
"title": "RHSA-2002:295",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2002-295j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000332"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1368"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/6437"
},
{
"trust": 1.1,
"url": "ftp://ftp.sco.com/pub/security/openlinux/cssa-2003-004.0.txt"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2003/dsa-232"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2003:001"
},
{
"trust": 1.1,
"url": "http://www.idefense.com/advisory/12.19.02.txt"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2002-295.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/7756/"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/7794"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/7803"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/7843"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/7858"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/7907"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/7913/"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/8080/"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/9325/"
},
{
"trust": 1.1,
"url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10909"
},
{
"trust": 1.0,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000702"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104032149026670\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-1368"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1368"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6438"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6440"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6439"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6434"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6433"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6435"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6436"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "/archive/1/304031"
},
{
"trust": 0.3,
"url": "/archive/1/304265"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104032149026670\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000702"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5753"
},
{
"db": "BID",
"id": "6437"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000332"
},
{
"db": "NVD",
"id": "CVE-2002-1368"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5753"
},
{
"db": "BID",
"id": "6437"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000332"
},
{
"db": "NVD",
"id": "CVE-2002-1368"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-076"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-26T00:00:00",
"db": "VULHUB",
"id": "VHN-5753"
},
{
"date": "2002-12-19T00:00:00",
"db": "BID",
"id": "6437"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000332"
},
{
"date": "2002-12-26T05:00:00",
"db": "NVD",
"id": "CVE-2002-1368"
},
{
"date": "2002-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-076"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-5753"
},
{
"date": "2009-07-11T19:16:00",
"db": "BID",
"id": "6437"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000332"
},
{
"date": "2017-07-11T01:29:14.367000",
"db": "NVD",
"id": "CVE-2002-1368"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-076"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-076"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CUPS of memcpy() Service disruption by handling negative values in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000332"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "6437"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-076"
}
],
"trust": 0.9
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.