2.1
CWE
NVD-CWE-Other
Advisory Published
Updated

CVE-2004-1270

First published: Wed Dec 22 2004(Updated: )

lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Easy Software Products Cups=1.1.19_rc5
Easy Software Products Cups=1.1.10
Easy Software Products Cups=1.1.16
Easy Software Products Cups=1.1.7
Easy Software Products Cups=1.0.4_8
Easy Software Products Cups=1.1.15
Easy Software Products Cups=1.1.21
Easy Software Products Cups=1.1.13
Easy Software Products Cups=1.1.17
Easy Software Products Cups=1.1.4_3
Easy Software Products Cups=1.1.4
Easy Software Products Cups=1.1.12
Easy Software Products Cups=1.1.22_rc1
Easy Software Products Cups=1.1.4_5
Easy Software Products Cups=1.1.1
Easy Software Products Cups=1.1.20
Easy Software Products Cups=1.1.18
Easy Software Products Cups=1.1.19
Easy Software Products Cups=1.0.4
Easy Software Products Cups=1.1.14
Easy Software Products Cups=1.1.4_2
Easy Software Products Cups=1.1.6
Redhat Fedora Core=core_2.0
Redhat Fedora Core=core_3.0

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203