oss-sec mailing list archives
Re: CVE request: CUPS DoS via RSS subscriptions
From: Eygene Ryabinkin <rea-sec () codelabs ru>
Date: Fri, 21 Nov 2008 08:20:00 +0300
Steve, good day. Thu, Nov 20, 2008 at 07:41:06PM -0500, Steven M. Christey wrote:
I treated this as two CVEs, one for the CSRF-simplifying attack, and a separate one for the CUPS server crash (assuming that cupsd should not be crashable by non-root authenticated users).
Please note that as it was discuissed in thread started with http://www.openwall.com/lists/oss-security/2008/11/19/4 even 1.3.9 is crashable by non-root authenticated users by adding a big number of subscriptions (don't know about RSS ones, though subscription for mailing upon job completion does its job). But I imagine that CVE-2008-5184 can't be used for 1.3.9, so remote attack is not feasible. I expect that the fix will go into 1.3.10: http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt Adding Michael Sweet to the CC, since he can shed a bit more light on this matter. Perhaps CVE-2008-5183 should be extended or another CVE can be created. -- Eygene
Current thread:
- CVE request: CUPS DoS via RSS subscriptions Kees Cook (Nov 19)
- Re: CVE request: CUPS DoS via RSS subscriptions Steven M. Christey (Nov 20)
- Re: CVE request: CUPS DoS via RSS subscriptions Eygene Ryabinkin (Nov 20)
- Re: CVE request: CUPS DoS via RSS subscriptions Michael Sweet (Nov 21)
- Re: CVE request: cups - potential integer overflow in PNG image reader [was: CUPS DoS via RSS subscriptions] Jan Lieskovsky (Nov 25)
- Re: CVE request: cups - potential integer overflow in PNG image reader [was: CUPS DoS via RSS subscriptions] Eygene Ryabinkin (Nov 25)
- Re: CVE request: cups - potential integer overflow in PNG image reader [was: CUPS DoS via RSS subscriptions] Tomas Hoger (Nov 25)
- Message not available
- Message not available
- Re: CVE request: cups - potential integer overflow in PNG image reader [was: CUPS DoS via RSS subscriptions] Tomas Hoger (Dec 03)
- Re: CVE request: CUPS DoS via RSS subscriptions Eygene Ryabinkin (Nov 20)
- Re: CVE request: CUPS DoS via RSS subscriptions Steven M. Christey (Nov 20)
- <Possible follow-ups>
- Re: CVE request: CUPS DoS via RSS subscriptions Josh Bressers (Nov 19)
- Re: CVE request: CUPS DoS via RSS subscriptions Eygene Ryabinkin (Nov 19)
- Re: CVE request: CUPS DoS via RSS subscriptions Michael Sweet (Nov 19)
- Re: CVE request: CUPS DoS via RSS subscriptions Eygene Ryabinkin (Nov 20)
- Re: CVE request: CUPS DoS via RSS subscriptions Michael R Sweet (Nov 20)
- Re: CVE request: CUPS DoS via RSS subscriptions Eygene Ryabinkin (Nov 19)