var-200212-0658
Vulnerability from variot
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. ------------ This vulnerability information is a comprehensive explanation of multiple vulnerabilities that were published at the same time. Please note that this document contains vulnerability information other than the title. ------------Common Unix Printing System (CUPS) is some UNIX included in the UNIX Universally usable in the environment Internet Printing Protocol version 1.1 (IPP/1.1) A printing system that supports Red Hat Linux 7.3 as well as 8.0 It is also included in the package. this CUPS has the following security issues: still, Red Hat Linux Then CUPS is disabled in the default installation. 1. Problem where overflow occurs due to overflow of integer digits It was [CAN-2002-1383]CUPS There are some problems where overflow occurs due to integer digit overflow. for example, HTTP By exploiting this issue via an interface, a remote attacker could CUPSd execution privileges ( A user lp) can execute arbitrary code. 2. Resource race condition in temporary file generation process (race condition) problems that cause It was [CAN-2002-1366]CUPS teeth /etc/cups/certs/ less than pid ( at the time of generation CUPS process of ID) creates a temporary file with a filename of , so a local attacker can predict how the temporary filename is determined. Therefore, by creating a file with the same name as the temporary file that points to the intended file, root You can overwrite or create any file with permissions. In addition, in order to execute this attack, the above 1. Take advantage of the problems in lp User permission required. 3. Printer addition mechanism / Access control function issues It was [CAN-2002-1367] maliciously created remotely UDP packet CUPS You can add a printer by bypassing authentication by sending it to . Additionally, there is an issue with the access control mechanism of the printer addition mechanism that fails to check validity. The added printer information is root Since it is interpreted based on permissions, you can add any print by using these issues together. As a result, a local attacker can root Elevation to privilege is possible. 4. intentionally created HTTP by communication CUPSd Problem with crashing [CAN-2002-1368]CUPS Then IPP for the backend to accept connections with HTTP server (CUPSd) is included in the package. this HTTP server's HTTP The handling part of the code lacks sufficient validation of the range of values received, allowing a remote attacker to Contents-Length: Fields set to negative values or intentionally assembled into chunks HTTP By attempting to communicate using the protocol, CUPS It is possible to cause a denial of service. In addition, to restore normal operation, CUPSd requires a restart. 5. strncat Problem where buffer overflow occurs due to function [CAN-2002-1369]CUPS contains a buffer overflow issue when receiving printer jobs with specific attribute values. By exploiting this issue, a remote attacker could root It is possible to execute arbitrary code with privileges. To take advantage of this problem, use the above 3. You need to take advantage of the problem. 6.GIF Problems when handling files in this format [CAN-2002-1371]CUPS for GIF Width in the part that handles files in the format (width) There is an issue with insufficient validation of values. This allows remote attackers to create intentionally constructed widths. (width) But '0' is GIF overwrite the allocated memory contents by interpreting the format file, CUPS may execute arbitrary code with execution privileges. 7. File descriptor issues with sockets and files It was [CAN-2002-1372]CUPS There is an issue in which file descriptors for sockets and files are not properly closed. Therefore, a local attacker can exploit this issue to cause a memory leak and CUPS It is possible to cause a denial of service for the entire system running the system.Please refer to the "Overview" for the impact of this vulnerability. A vulnerability has been discovered in CUPS that may, under some circumstances, leak file descriptor information. Exploitation of this issue may allow an attacker to bind a malicious server instead of the cupsd server. The system is based on the Internet Printing Protocol (IPP) and provides most PostScript and raster printer services
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0658",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "2.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "cups",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.14"
},
{
"model": "cups",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.17"
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "8.0"
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "7.3"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "easy products",
"version": "1.1.17"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "easy products",
"version": "1.0.4_8"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "easy products",
"version": "1.1.13"
},
{
"model": "cups",
"scope": "eq",
"trust": 0.6,
"vendor": "easy products",
"version": "1.1.14"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.17"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.16"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.15"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.14"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.13"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.12"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.10"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.7"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.6"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-5"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-3"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4-2"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.4"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.1"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4-8"
},
{
"model": "software products cups",
"scope": "eq",
"trust": 0.3,
"vendor": "easy",
"version": "1.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "software products cups",
"scope": "ne",
"trust": 0.3,
"vendor": "easy",
"version": "1.1.18"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
}
],
"sources": [
{
"db": "BID",
"id": "6440"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000335"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-066"
},
{
"db": "NVD",
"id": "CVE-2002-1372"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.17",
"versionStartIncluding": "1.1.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1372"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Labs\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-066"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1372",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2002-1372",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5757",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2002-1372",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1372",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-066",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5757",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5757"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000335"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-066"
},
{
"db": "NVD",
"id": "CVE-2002-1372"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. ------------ This vulnerability information is a comprehensive explanation of multiple vulnerabilities that were published at the same time. Please note that this document contains vulnerability information other than the title. ------------Common Unix Printing System (CUPS) is some UNIX included in the UNIX Universally usable in the environment Internet Printing Protocol version 1.1 (IPP/1.1) A printing system that supports Red Hat Linux 7.3 as well as 8.0 It is also included in the package. this CUPS has the following security issues: still, Red Hat Linux Then CUPS is disabled in the default installation. 1. Problem where overflow occurs due to overflow of integer digits It was [CAN-2002-1383]CUPS There are some problems where overflow occurs due to integer digit overflow. for example, HTTP By exploiting this issue via an interface, a remote attacker could CUPSd execution privileges ( A user lp) can execute arbitrary code. 2. Resource race condition in temporary file generation process (race condition) problems that cause It was [CAN-2002-1366]CUPS teeth /etc/cups/certs/ less than pid ( at the time of generation CUPS process of ID) creates a temporary file with a filename of , so a local attacker can predict how the temporary filename is determined. Therefore, by creating a file with the same name as the temporary file that points to the intended file, root You can overwrite or create any file with permissions. In addition, in order to execute this attack, the above 1. Take advantage of the problems in lp User permission required. 3. Printer addition mechanism / Access control function issues It was [CAN-2002-1367] maliciously created remotely UDP packet CUPS You can add a printer by bypassing authentication by sending it to . Additionally, there is an issue with the access control mechanism of the printer addition mechanism that fails to check validity. The added printer information is root Since it is interpreted based on permissions, you can add any print by using these issues together. As a result, a local attacker can root Elevation to privilege is possible. 4. intentionally created HTTP by communication CUPSd Problem with crashing [CAN-2002-1368]CUPS Then IPP for the backend to accept connections with HTTP server (CUPSd) is included in the package. this HTTP server\u0027s HTTP The handling part of the code lacks sufficient validation of the range of values \u200b\u200breceived, allowing a remote attacker to Contents-Length: Fields set to negative values \u200b\u200bor intentionally assembled into chunks HTTP By attempting to communicate using the protocol, CUPS It is possible to cause a denial of service. In addition, to restore normal operation, CUPSd requires a restart. 5. strncat Problem where buffer overflow occurs due to function [CAN-2002-1369]CUPS contains a buffer overflow issue when receiving printer jobs with specific attribute values. By exploiting this issue, a remote attacker could root It is possible to execute arbitrary code with privileges. To take advantage of this problem, use the above 3. You need to take advantage of the problem. 6.GIF Problems when handling files in this format [CAN-2002-1371]CUPS for GIF Width in the part that handles files in the format (width) There is an issue with insufficient validation of values. This allows remote attackers to create intentionally constructed widths. (width) But \u00270\u0027 is GIF overwrite the allocated memory contents by interpreting the format file, CUPS may execute arbitrary code with execution privileges. 7. File descriptor issues with sockets and files It was [CAN-2002-1372]CUPS There is an issue in which file descriptors for sockets and files are not properly closed. Therefore, a local attacker can exploit this issue to cause a memory leak and CUPS It is possible to cause a denial of service for the entire system running the system.Please refer to the \"Overview\" for the impact of this vulnerability. A vulnerability has been discovered in CUPS that may, under some circumstances, leak file descriptor information. \nExploitation of this issue may allow an attacker to bind a malicious server instead of the cupsd server. The system is based on the Internet Printing Protocol (IPP) and provides most PostScript and raster printer services",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1372"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000335"
},
{
"db": "BID",
"id": "6440"
},
{
"db": "VULHUB",
"id": "VHN-5757"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1372",
"trust": 3.6
},
{
"db": "BID",
"id": "6440",
"trust": 2.8
},
{
"db": "BID",
"id": "6436",
"trust": 0.8
},
{
"db": "BID",
"id": "6435",
"trust": 0.8
},
{
"db": "BID",
"id": "6434",
"trust": 0.8
},
{
"db": "BID",
"id": "6439",
"trust": 0.8
},
{
"db": "BID",
"id": "6433",
"trust": 0.8
},
{
"db": "BID",
"id": "6437",
"trust": 0.8
},
{
"db": "BID",
"id": "6438",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000335",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200212-066",
"trust": 0.7
},
{
"db": "SUSE",
"id": "SUSE-SA:2003:002",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLSA-2003:702",
"trust": 0.6
},
{
"db": "XF",
"id": "10912",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:001",
"trust": 0.6
},
{
"db": "VULNWATCH",
"id": "20021219 IDEFENSE SECURITY ADVISORY 12.19.02: MULTIPLE SECURITY VULNERABILITIES IN COMMON UNIX PRINTING SYSTEM (CUPS)",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-232",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021219 IDEFENSE SECURITY ADVISORY 12.19.02: MULTIPLE SECURITY VULNERABILITIES IN COMMON UNIX PRINTING SYSTEM (CUPS)",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2002:295",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-5757",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5757"
},
{
"db": "BID",
"id": "6440"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000335"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-066"
},
{
"db": "NVD",
"id": "CVE-2002-1372"
}
]
},
"id": "VAR-200212-0658",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5757"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-22T22:41:24.411000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RHSA-2002",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2002-295.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000335"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-252",
"trust": 1.0
},
{
"problemtype": "Unchecked return value (CWE-252) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000335"
},
{
"db": "NVD",
"id": "CVE-2002-1372"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/6440"
},
{
"trust": 2.3,
"url": "http://www.idefense.com/advisory/12.19.02.txt"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000702"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2003/dsa-232"
},
{
"trust": 1.7,
"url": "http://www.mandrakesoft.com/security/advisories?name=mdksa-2003:001"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2002-295.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104032149026670\u0026w=2"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10912"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1372"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6439"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6437"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6434"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6433"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6435"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6436"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/6438"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/10912"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104032149026670\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "/archive/1/304031"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5757"
},
{
"db": "BID",
"id": "6440"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000335"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-066"
},
{
"db": "NVD",
"id": "CVE-2002-1372"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5757"
},
{
"db": "BID",
"id": "6440"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000335"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-066"
},
{
"db": "NVD",
"id": "CVE-2002-1372"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-26T00:00:00",
"db": "VULHUB",
"id": "VHN-5757"
},
{
"date": "2002-12-19T00:00:00",
"db": "BID",
"id": "6440"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000335"
},
{
"date": "2002-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-066"
},
{
"date": "2002-12-26T05:00:00",
"db": "NVD",
"id": "CVE-2002-1372"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-5757"
},
{
"date": "2009-07-11T19:17:00",
"db": "BID",
"id": "6440"
},
{
"date": "2024-02-22T02:36:00",
"db": "JVNDB",
"id": "JVNDB-2002-000335"
},
{
"date": "2006-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-066"
},
{
"date": "2024-01-21T01:39:35.663000",
"db": "NVD",
"id": "CVE-2002-1372"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-066"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CUPS\u00a0 Denial of service due to failure to properly handle file descriptors in \u00a0(DoS)\u00a0 Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000335"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-066"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.