CVE-2004-1270
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2004-1270
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
CUPS lppasswd 弱安全机制漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CUPS(Common UNIX Printing System)是一个类Unix操作系统的组合式印刷系统,允许一台电脑作为打印服务器。 CUPS 1.1.22中的llpaswd程序存在漏洞。 在当lppassw无法确保文件描述符0, 1, 和 2 打开的环境中运行时,lppasswd不会核实passwd.new文件不同于STDERR。这使得本地用户可以借助特定用户输入,触发错误,从而控制passwd.new的输出。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2004-1270
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2004-1270
请登录查看更多情报信息。
Vendor Advisories for CVE-2004-1270 (3)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11507vdb-entrysignaturex_refsource_OVAL
Other References for CVE-2004-1270 (4)
- http://tigger.uic.edu/~jlongs2/holes/cups2.txtx_refsource_MISC
Same Patch Batch · n/a · 2004-12-22 · 72 CVEs total
| CVE-2004-1284 | mpg123 playlist.c 缓冲区溢出漏洞 | |
| CVE-2004-1309 | Mplayer demux_bmp.c 缓冲区溢出漏洞 | |
| CVE-2004-1304 | file ELF 栈溢出漏洞 | |
| CVE-2004-1291 | qwik-smtpd HELO 缓冲区溢出漏洞 | |
| CVE-2004-1290 | pgn2web pgn2web.c 缓冲区溢出漏洞 | |
| CVE-2004-1289 | pcal 多个 缓冲区溢出漏洞 | |
| CVE-2004-1288 | o3read o3read.c 缓冲区溢出漏洞 | |
| CVE-2004-1287 | NASM preproc.c 缓冲区溢出漏洞 | |
| CVE-2004-1286 | NapShare auto.c 缓冲区溢出漏洞 | |
| CVE-2004-1285 | Mplayer asf_mmst_streaming.c 缓冲区溢出漏洞 | |
| CVE-2004-1292 | RingtoneTools parse_emelody.c 缓冲区溢出漏洞 | |
| CVE-2004-1283 | Mesh Mesh::type 缓冲区溢出漏洞 | |
| CVE-2004-1282 | LinPopUp string.c 缓冲区溢出漏洞 | |
| CVE-2004-1281 | Junkie ftp_retr 远程文件覆盖漏洞 | |
| CVE-2004-1280 | junkie gui_tview_popup.c 远程命令执行漏洞 | |
| CVE-2004-1279 | jpegtoavi get_file_list_stdin 缓冲区溢出漏洞 | |
| CVE-2004-1278 | jcabc2ps parse.c 缓冲区溢出漏洞 | |
| CVE-2004-1277 | IglooFTP ftplist.c 文件覆盖漏洞 | |
| CVE-2004-1276 | IglooFTP upload 文件重写漏洞 | |
| CVE-2004-1275 | html2hdml remove_quote() 缓冲区溢出漏洞 |
Showing top 20 of 72 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2004-1270
No comments yet