← Back

CVE-2004-1270

nvd nist
Published: Jan 10, 2005Modified: Apr 16, 2026

JSON object

Loading...
2.1
Vector
AV:L/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 3.9 / Impact: 2.9
Source: NVD

Description

lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message.

Affected (24)

Easy Software Products
1 product
Cups
Redhat
1 product
Fedora Core
Configuration A
22 vulnerable
Vulnerable SoftwareAffected Versions
Cups
Version 1.0.4
Cups
Version 1.0.4_8
Cups
Version 1.1.10
Cups
Version 1.1.12
Cups
Version 1.1.13
Cups
Version 1.1.14
Cups
Version 1.1.15
Cups
Version 1.1.16
Cups
Version 1.1.17
Cups
Version 1.1.18
Cups
Version 1.1.19
Cups
Version 1.1.19_rc5
Cups
Version 1.1.1
Cups
Version 1.1.20
Cups
Version 1.1.21
Cups
Version 1.1.22_rc1
Cups
Version 1.1.4
Cups
Version 1.1.4_2
Cups
Version 1.1.4_3
Cups
Version 1.1.4_5
Cups
Version 1.1.6
Cups
Version 1.1.7
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Fedora Core
Version core_2.0
Fedora Core
Version core_3.0

References (16)

Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.