NVD脆弱性詳細

CVE-2004-1270

概要	lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message.
公表日	2005年1月10日14:00
登録日	2021年1月29日18:00
最終更新日	2018年10月4日6:29

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:easy_software_products:cups:1.0.4:::::::*
cpe:2.3:a:easy_software_products:cups:1.0.4_8:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.1:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.4:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.4_2:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.4_3:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.4_5:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.6:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.7:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.10:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.12:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.13:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.14:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.15:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.16:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.17:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.18:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.19:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.20:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.21:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:::::::*

構成1	以上	以下	より上	未満
cpe:2.3:a:easy_software_products:cups:1.0.4:::::::*
cpe:2.3:a:easy_software_products:cups:1.0.4_8:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.1:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.4:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.4_2:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.4_3:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.4_5:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.6:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.7:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.10:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.12:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.13:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.14:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.15:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.16:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.17:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.18:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.19:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.20:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.21:::::::*
cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:::::::*

No	URL	refsource	タグ
1	http://tigger.uic.edu/~jlongs2/holes/cups2.txt	MISC	Exploit Vendor Advisory
2	http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml	GENTOO
3	http://www.mandriva.com/security/advisories?name=MDKSA-2005:008	MANDRAKE
4	http://www.redhat.com/support/errata/RHSA-2005-013.html	REDHAT
5	http://www.redhat.com/support/errata/RHSA-2005-053.html	REDHAT
6	https://exchange.xforce.ibmcloud.com/vulnerabilities/18609	XF
7	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11507	OVAL
8	https://usn.ubuntu.com/50-1/	UBUNTU