Summary
This host is running CUPS (Common UNIX Printing System) Service, which is prone to Denial of Service Vulnerability.
Impact
Successful exploitation causes Denial of Service condition.
Impact Level: Application
Solution
Upgrade to CUPS Version 1.3.8 or later.
http://www.cups.org/software.php
Insight
The flaw is due to error in web interface (cgi-bin/admin.c), which uses the guest username when a user is not logged on to the web server.
This leads to CSRF attacks with the add/cancel RSS subscription functions.
Affected
CUPS Versions prior to 1.3.8 on Linux.
References
Severity
Classification
-
CVE CVE-2008-5183, CVE-2008-5184 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities