Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-2432

The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://cups.org/articl...
CONFIRM: http://cups.org/str.ph...
DEBIAN: DSA-2176
SECUNIA: 43521
VUPEN: ADV-2011-0535
MANDRIVA: MDVSA-2011:146
GENTOO: GLSA-201207-10

Launchpad.net

CVE 2010-2432

Related bugs

References