Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2003-0788

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-06 Nov, 2003 | 05:00
Updated At-08 Aug, 2024 | 02:05
Rejected At-
Credits

Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denial of service (CPU consumption from a "busy loop") via certain inputs to the IPP port (TCP 631).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:06 Nov, 2003 | 05:00
Updated At:08 Aug, 2024 | 02:05
Rejected At:
▼CVE Numbering Authority (CNA)

Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denial of service (CPU consumption from a "busy loop") via certain inputs to the IPP port (TCP 631).

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/8952
vdb-entry
x_refsource_BID
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000788
vendor-advisory
x_refsource_CONECTIVA
http://www.turbolinux.com/security/TLSA-2003-63.txt
vendor-advisory
x_refsource_TURBO
http://www.redhat.com/support/errata/RHSA-2003-275.html
vendor-advisory
x_refsource_REDHAT
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:104
vendor-advisory
x_refsource_MANDRAKE
http://secunia.com/advisories/10123
third-party-advisory
x_refsource_SECUNIA
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=97958
x_refsource_MISC
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000779
vendor-advisory
x_refsource_CONECTIVA
https://exchange.xforce.ibmcloud.com/vulnerabilities/13584
vdb-entry
x_refsource_XF
Hyperlink: http://www.securityfocus.com/bid/8952
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000788
Resource:
vendor-advisory
x_refsource_CONECTIVA
Hyperlink: http://www.turbolinux.com/security/TLSA-2003-63.txt
Resource:
vendor-advisory
x_refsource_TURBO
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-275.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:104
Resource:
vendor-advisory
x_refsource_MANDRAKE
Hyperlink: http://secunia.com/advisories/10123
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=97958
Resource:
x_refsource_MISC
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000779
Resource:
vendor-advisory
x_refsource_CONECTIVA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/13584
Resource:
vdb-entry
x_refsource_XF
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/8952
vdb-entry
x_refsource_BID
x_transferred
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000788
vendor-advisory
x_refsource_CONECTIVA
x_transferred
http://www.turbolinux.com/security/TLSA-2003-63.txt
vendor-advisory
x_refsource_TURBO
x_transferred
http://www.redhat.com/support/errata/RHSA-2003-275.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:104
vendor-advisory
x_refsource_MANDRAKE
x_transferred
http://secunia.com/advisories/10123
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=97958
x_refsource_MISC
x_transferred
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000779
vendor-advisory
x_refsource_CONECTIVA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/13584
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securityfocus.com/bid/8952
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000788
Resource:
vendor-advisory
x_refsource_CONECTIVA
x_transferred
Hyperlink: http://www.turbolinux.com/security/TLSA-2003-63.txt
Resource:
vendor-advisory
x_refsource_TURBO
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-275.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:104
Resource:
vendor-advisory
x_refsource_MANDRAKE
x_transferred
Hyperlink: http://secunia.com/advisories/10123
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=97958
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000779
Resource:
vendor-advisory
x_refsource_CONECTIVA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/13584
Resource:
vdb-entry
x_refsource_XF
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:01 Dec, 2003 | 05:00
Updated At:03 Apr, 2025 | 01:03

Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denial of service (CPU consumption from a "busy loop") via certain inputs to the IPP port (TCP 631).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
easy_software_products
easy_software_products
>>cups>>1.0.4
cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.0.4_8
cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.1
cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.4
cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.4_2
cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.4_3
cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.4_5
cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.6
cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.7
cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.10
cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.12
cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.13
cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.14
cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.15
cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.16
cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.17
cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*
easy_software_products
easy_software_products
>>cups>>1.1.18
cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=97958cve@mitre.org
N/A
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000779cve@mitre.org
N/A
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000788cve@mitre.org
N/A
http://secunia.com/advisories/10123cve@mitre.org
N/A
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:104cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2003-275.htmlcve@mitre.org
Patch
Vendor Advisory
http://www.securityfocus.com/bid/8952cve@mitre.org
Patch
Vendor Advisory
http://www.turbolinux.com/security/TLSA-2003-63.txtcve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/13584cve@mitre.org
N/A
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=97958af854a3a-2127-422b-91ae-364da2661108
N/A
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000779af854a3a-2127-422b-91ae-364da2661108
N/A
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000788af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/10123af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:104af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2003-275.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.securityfocus.com/bid/8952af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.turbolinux.com/security/TLSA-2003-63.txtaf854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/13584af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=97958
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000779
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000788
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/10123
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:104
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-275.html
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/8952
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.turbolinux.com/security/TLSA-2003-63.txt
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/13584
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=97958
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000779
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000788
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/10123
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:104
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2003-275.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/8952
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.turbolinux.com/security/TLSA-2003-63.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/13584
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

8Records found
CVE-2005-2874
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.43% / 79.88%
||
7 Day CHG~0.00%
Published-13 Sep, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.

Action-Not Available
Vendor-easy_software_productsn/a
Product-cupsn/a
CVE-2005-3626
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-9.17% / 92.36%
||
7 Day CHG~0.00%
Published-06 Jan, 2006 | 22:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

Action-Not Available
Vendor-conectivascoxpdftetexturbolinuxlibextractortrustixpopplereasy_software_productsn/aMandriva (Mandrakesoft)KDESlackwareGentoo Foundation, Inc.Debian GNU/LinuxRed Hat, Inc.SUSEUbuntuSilicon Graphics, Inc.
Product-popplerkwordtetexsecure_linuxxpdfubuntu_linuxopenserverturbolinux_desktoplibextractorturbolinux_multimediaturbolinux_homedebian_linuxturbolinux_workstationkdegraphicslinuxenterprise_linuxlinux_advanced_workstationpropackcupskofficemandrake_linux_corporate_serverturbolinux_serverturbolinuxenterprise_linux_desktopsuse_linuxkpdfturbolinux_personalfedora_coreturbolinux_appliance_serverslackware_linuxmandrake_linuxn/a
CVE-2005-2526
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 71.96%
||
7 Day CHG~0.00%
Published-19 Aug, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection.

Action-Not Available
Vendor-easy_software_productsn/aApple Inc.
Product-cupsmac_os_xn/a
CVE-2004-1269
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.64% / 92.06%
||
7 Day CHG~0.00%
Published-22 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.

Action-Not Available
Vendor-easy_software_productsn/aRed Hat, Inc.
Product-cupsfedora_coren/a
CVE-2008-0597
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-5.28% / 89.62%
||
7 Day CHG~0.00%
Published-26 Feb, 2008 | 00:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets.

Action-Not Available
Vendor-easy_software_productsn/aRed Hat, Inc.
Product-desktopcupsenterprise_linuxn/a
CWE ID-CWE-399
Not Available
CVE-2004-0558
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-8.77% / 92.15%
||
7 Day CHG~0.00%
Published-17 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.

Action-Not Available
Vendor-easy_software_productsn/a
Product-cupsn/a
CVE-2005-2525
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.74% / 71.96%
||
7 Day CHG~0.00%
Published-19 Aug, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt).

Action-Not Available
Vendor-easy_software_productsn/aApple Inc.
Product-cupsmac_os_xn/a
CVE-2008-0596
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-3.85% / 87.73%
||
7 Day CHG~0.00%
Published-26 Feb, 2008 | 00:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers.

Action-Not Available
Vendor-easy_software_productsn/aRed Hat, Inc.
Product-desktopcupsenterprise_linuxn/a
CWE ID-CWE-399
Not Available
Details not found