found 506180 1.3.7-6 retitle 506180 CVE-2008-5183: daemon crashes when adding more than 100 subscriptions thanks
2008/11/18 Raphael Geissert <[EMAIL PROTECTED]>: > Source: cups > Severity: important > Version: 1.3.7-1 > Tags: security > > Hi, > > An exploit[0][1] has been published for CUPS. > >> The daemon crashes when more than 100 RSS Subscriptions are added which has >> been successfully tested on the latest versions of openSuse and Ubuntu >> Desktop at time of writing (11.0 and 8.04.1 respectively). For some reason, This is CVE-2008-5183 >> the user doesn't need to login to add RSS subscriptions, although >> authentication is required to perform other actions. I'm not sure if this and this is CVE-2008-5184. So, if I got it right etch is not affected either, right? Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net Yogi Berra - "I never said most of the things I said." -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
