CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1367

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1330%
EPSS Percentile8.03th
PublishedDec 26, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke.

Affected Platforms (CPE)

πŸ“¦
Easy Software Products

Cups

= 1.0.4
πŸ“¦
Easy Software Products

Cups

= 1.0.4_8
πŸ“¦
Easy Software Products

Cups

= 1.1.1
πŸ“¦
Easy Software Products

Cups

= 1.1.4
πŸ“¦
Easy Software Products

Cups

= 1.1.4_2
πŸ“¦
Easy Software Products

Cups

= 1.1.4_3
πŸ“¦
Easy Software Products

Cups

= 1.1.4_5
πŸ“¦
Easy Software Products

Cups

= 1.1.6
πŸ“¦
Easy Software Products

Cups

= 1.1.7
πŸ“¦
Easy Software Products

Cups

= 1.1.10
πŸ“¦
Easy Software Products

Cups

= 1.1.13
πŸ“¦
Easy Software Products

Cups

= 1.1.14
πŸ“¦
Easy Software Products

Cups

= 1.1.17
πŸ’»
Apple

Mac Os X

= 10.2
πŸ’»
Apple

Mac Os X

= 10.2.2

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html
πŸ”— http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702
πŸ”— http://marc.info/?l=bugtraq&m=104032149026670&w=2
πŸ”— http://www.debian.org/security/2003/dsa-232
πŸ”— http://www.idefense.com/advisory/12.19.02.txt
πŸ”— http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001
πŸ”— http://www.novell.com/linux/security/advisories/2003_002_cups.html
πŸ”— http://www.redhat.com/support/errata/RHSA-2002-295.html

Related Vulnerabilities

CVE-2002-136910.0

jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing...

CVE-2002-138310.0

Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary...

CVE-2001-019410.0

Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line.

CVE-2004-088810.0

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow r...