Published: 08/12/2008 Updated: 29/09/2017

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

VMScore: 695

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple cups 1.3.8

It was discovered that CUPS didn’t properly handle adding a large number of RSS subscriptions A local user could exploit this and cause CUPS to crash, leading to a denial of service This issue only applied to Ubuntu 710, 804 LTS and 810 (CVE-2008-5183) ...

/* * cve-2008-5377c * * CUPS < 138-4 pstopdf filter exploit * Jon Oberheide <jon@oberheideorg> * jonoberheideorg * * Usage: * * $ gcc cve-2008-5377c -o cve-2008-5377c * $ /cve-2008-5377 * $ id * uid=0(root) gid=1000(vm) * * Information: * * cvemitreorg/cgi-bin/cvenamecgi?name=cve-200 ...

CUPS versions below 138-4 privilege escalation exploit ...

CWE-59 http://lists.debian.org/debian-devel/2008/08/msg00347.html http://uvw.ru/report.sid.txt https://www.exploit-db.com/exploits/7550 https://usn.ubuntu.com/707-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/7550/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-5377

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect