CVE-2004-1268 Information

Description

lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file which allows local users to corrupt the file by filling the associated file system and triggering the write errors.

Reference

http://tigger.uic.edu/~jlongs2/holes/cups2.txt http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:008 http://www.redhat.com/support/errata/RHSA-2005-013.html http://www.redhat.com/support/errata/RHSA-2005-053.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18606 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10398 https://usn.ubuntu.com/50-1/