Common Unix Printing System (CUPS) 1.1.14 up to and including 1.1.17 allows remote malicious users to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
easy software products cups 1.1.14 |
||
easy software products cups 1.1.17 |
||
easy software products cups 1.0.4 |
||
easy software products cups 1.0.4_8 |
||
easy software products cups 1.1.4_3 |
||
easy software products cups 1.1.4_5 |
||
easy software products cups 1.1.4 |
||
easy software products cups 1.1.4_2 |
||
easy software products cups 1.1.1 |
||
easy software products cups 1.1.10 |
||
easy software products cups 1.1.13 |
||
easy software products cups 1.1.6 |
||
easy software products cups 1.1.7 |
||
apple mac os x 10.2 |
||
apple mac os x 10.2.2 |
Vulmon