Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2004-0558

Published: 28/09/2004 Updated: 13/03/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Easy Software Products

Vulnerability Summary

The Internet Printing Protocol (IPP) implementation in CUPS prior to 1.1.21 allows remote malicious users to cause a denial of service (service hang) via a certain UDP packet to the IPP port.

Vulnerable Product Search on Vulmon Subscribe to Product

easy software products cups

Vendor Advisories

Red Hat: cups security update
Synopsis cups security update Type/Severity Security Advisory: Moderate Topic Updated cups packages that fix a denial of service vulnerability are nowavailable Description The Common UNIX Printing System (CUPS) is a print spoolerAlvaro Martinez Echevarria reported a bug in the CUPS Intern ...
Debian Security Advisories: DSA-545-1 cupsys -- denial of service
Alvaro Martinez Echevarria discovered a problem in CUPS, the Common UNIX Printing System An attacker can easily disable browsing in CUPS by sending a specially crafted UDP datagram to port 631 where cupsd is running For the stable distribution (woody) this problem has been fixed in version 1114-5woody6 For the unstable distribution (sid) this ...

Exploits

Exploit DB: CUPS 1.1.x - UDP Packet Remote Denial of Service
source: wwwsecurityfocuscom/bid/11183/info CUPS is prone to a remotely exploitable denial of service vulnerability that may be triggered through port 631 by a zero-length UDP packet nmap -sU -p 631 examplecom ...

Github Repositories

https://github.com/fibonascii/CVE-2004-0558

This is a proof of concept exploit for CVE-2004-0558 Specific versions of CUPs (11x) are vulnerable to a Denial of Service attack when sent a zero-length UDP packet wwwexploit-dbcom/exploits/24599/ It's worth noting that this can be achieved with nmap, and this exploit was developed for research and educational purposes Usage: python kill-cupspy -t 1921681

References

NVD-CWE-Otherhttp://www.redhat.com/support/errata/RHSA-2004-449.htmlhttp://lists.apple.com/archives/security-announce/2004/Oct/msg00000.htmlhttp://www.debian.org/security/2004/dsa-545https://bugzilla.fedora.us/show_bug.cgi?id=2072http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:097http://www.trustix.org/errata/2004/0047/http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000872http://sunsolve.sun.com/search/document.do?assetkey=1-26-57646-1http://www.securityfocus.com/bid/11183http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1http://www.suse.com/de/security/2004_31_cups.htmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1http://marc.info/?l=bugtraq&m=109760654431316&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/17389https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11732https://github.com/fibonascii/CVE-2004-0558https://access.redhat.com/errata/RHSA-2004:449https://nvd.nist.govhttps://www.exploit-db.com/exploits/24599/https://www.debian.org/security/./dsa-545
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook