CVE-2002-1366

Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream.

Published: Dec 26, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-1366
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.2
AV:L/AC:H/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
easy_software_products / cups	1.1.10	1.1.10.x
easy_software_products / cups	1.1.7	1.1.7.x
easy_software_products / cups	1.1.13	1.1.13.x
easy_software_products / cups	1.1.17	1.1.17.x
easy_software_products / cups	1.1.4	1.1.4.x
easy_software_products / cups	1.1.1	1.1.1.x
easy_software_products / cups	1.0.4	1.0.4.x
easy_software_products / cups	1.1.14	1.1.14.x
easy_software_products / cups	1.1.6	1.1.6.x
apple / mac_os_x	10.2.2	10.2.2.x
apple / mac_os_x	10.2	10.2.x

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html
http://marc.info/?l=bugtraq&m=104032149026670&w=2
http://www.debian.org/security/2003/dsa-232
http://www.idefense.com/advisory/12.19.02.txt
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001
http://www.novell.com/linux/security/advisories/2003_002_cups.html
http://www.redhat.com/support/errata/RHSA-2002-295.html
http://www.securityfocus.com/bid/6435
https://exchange.xforce.ibmcloud.com/vulnerabilities/10907

Vulnerability Database

289,599

CVE-2002-1366