Back to search
CVE-2010-2432
Published: Jun 22, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://cups.org/str.php?L3518
x_refsource_CONFIRM
http://cups.org/articles.php?L596
x_refsource_CONFIRM
DSA-2176
vendor-advisory
x_refsource_DEBIAN
GLSA-201207-10
vendor-advisory
x_refsource_GENTOO
MDVSA-2011:146
vendor-advisory
x_refsource_MANDRIVA
ADV-2011-0535
vdb-entry
x_refsource_VUPEN
43521
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now