Описание
The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.
Отчет
Not vulnerable. This issue did not affect the versions of CUPS as shipped with Red Hat Enterprise Linux 3, 4, or 5.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 3 | cups | Not affected | ||
| Red Hat Enterprise Linux 4 | cups | Affected | ||
| Red Hat Enterprise Linux 5 | cups | Affected | ||
| Red Hat Enterprise Linux 6 | cups | Not affected | ||
| Red Hat Enterprise Linux Extended Update Support 4.8 | cups | Affected | ||
| Red Hat Enterprise Linux Extended Update Support 5.5 | cups | Affected |
Показывать по
Дополнительная информация
Связанные уязвимости
The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.
The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.
The cupsDoAuthentication function in auth.c in the client in CUPS befo ...
The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.