Vulnerabilities > CVE-2003-0195 - Unspecified vulnerability in Slackware Linux 8.1/9.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
slackware
nessus
exploit available

Summary

CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.

Vulnerable Configurations

Part Description Count
OS
Slackware
2

Exploit-Db

descriptionCUPS 1.1.x Cupsd Request Method Denial Of Service Vulnerability. CVE-2003-0195. Dos exploit for linux platform
idEDB-ID:22619
last seen2016-02-02
modified2003-05-20
published2003-05-20
reporterPhil D'Amore
sourcehttps://www.exploit-db.com/download/22619/
titleCUPS 1.1.x Cupsd Request Method Denial of Service Vulnerability

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2003-062.NASL
    descriptionA Denial of Service (DoS) vulnerability was discovered in the CUPS printing system by Phil D
    last seen2020-06-01
    modified2020-06-02
    plugin id14045
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14045
    titleMandrake Linux Security Advisory : cups (MDKSA-2003:062)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2003:062. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(14045);
      script_version ("1.16");
      script_cvs_date("Date: 2019/08/02 13:32:46");
    
      script_cve_id("CVE-2003-0195");
      script_xref(name:"MDKSA", value:"2003:062");
    
      script_name(english:"Mandrake Linux Security Advisory : cups (MDKSA-2003:062)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A Denial of Service (DoS) vulnerability was discovered in the CUPS
    printing system by Phil D'Amore of Red Hat. The IPP (Internet Printing
    Protocol) that CUPS uses is single-threaded and can only service one
    request at a time. A malicious user could create a partial request
    that does not time out and cause a Denial of Service condition where
    CUPS will not respond to other printing requests. This can only be
    done if the malicious user can create a TCP connection to the IPP port
    (631 by default).
    
    This vulnerability has been fixed upstream in CUPS 1.1.19 and packages
    of previous versions have been fixed to correct the problem."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cups");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cups-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cups-serial");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libcups1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libcups1-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2003/05/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"cups-1.1.18-2.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"cups-common-1.1.18-2.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"cups-serial-1.1.18-2.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"libcups1-1.1.18-2.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"libcups1-devel-1.1.18-2.1mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"cups-1.1.18-2.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"cups-common-1.1.18-2.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"cups-serial-1.1.18-2.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libcups1-1.1.18-2.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libcups1-devel-1.1.18-2.1mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"cups-1.1.19-1.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"cups-common-1.1.19-1.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"cups-serial-1.1.19-1.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"libcups1-1.1.19-1.1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"libcups1-devel-1.1.19-1.1mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-317.NASL
    descriptionThe CUPS print server in Debian is vulnerable to a denial of service when an HTTP request is received without being properly terminated.
    last seen2020-06-01
    modified2020-06-02
    plugin id15154
    published2004-09-29
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15154
    titleDebian DSA-317-1 : cupsys - denial of service

Oval

accepted2010-09-20T04:00:32.153-04:00
classvulnerability
contributors
  • nameJay Beale
    organizationBastille Linux
  • nameJay Beale
    organizationBastille Linux
  • nameThomas R. Jones
    organizationMaitreya Security
  • nameJonathan Baker
    organizationThe MITRE Corporation
descriptionCUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.
familyunix
idoval:org.mitre.oval:def:6
statusaccepted
submitted2003-08-19T12:00:00.000-04:00
titleCommon Unix Printing System Partial Print DOS
version41

Redhat

advisories
rhsa
idRHSA-2003:171