CVE-2009-0164

Published: Apr 24, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=490597

x_refsource_CONFIRM

GLSA-200904-20

vendor-advisory

x_refsource_GENTOO

http://www.cups.org/str.php?L3118

x_refsource_CONFIRM

http://www.cups.org/articles.php?L582

x_refsource_CONFIRM

http://support.apple.com/kb/HT3549

x_refsource_CONFIRM

http://wiki.rpath.com/Advisories:rPSA-2009-0061

x_refsource_CONFIRM

35074

third-party-advisory

x_refsource_SECUNIA

APPLE-SA-2009-05-12

vendor-advisory

x_refsource_APPLE

20090417 rPSA-2009-0061-1 cups

mailing-list

x_refsource_BUGTRAQ

TA09-133A

third-party-advisory

x_refsource_CERT

http://bugs.gentoo.org/show_bug.cgi?id=263070

x_refsource_CONFIRM

ADV-2009-1297

vdb-entry

x_refsource_VUPEN

34665

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-0164

Description

Affected Products

References