Описание
The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 1.4.1-1 |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | ignored | |
| jaunty | ignored | |
| upstream | released | 1.3.10 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | |
| devel | DNE | |
| gutsy | ignored | |
| hardy | ignored | |
| intrepid | DNE | |
| jaunty | DNE | |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
6.4 Medium
CVSS2
Связанные уязвимости
The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.
The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.
The web interface for CUPS before 1.3.10 does not validate the HTTP Ho ...
The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.4 Medium
CVSS2