CVE-2002-1367

Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke.

Published: Dec 26, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-1367
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
easy_software_products / cups	1.1.10	1.1.10.x
easy_software_products / cups	1.1.7	1.1.7.x
easy_software_products / cups	1.0.4_8	1.0.4_8.x
easy_software_products / cups	1.1.13	1.1.13.x
easy_software_products / cups	1.1.17	1.1.17.x
easy_software_products / cups	1.1.4_3	1.1.4_3.x
easy_software_products / cups	1.1.4	1.1.4.x
easy_software_products / cups	1.1.4_5	1.1.4_5.x
easy_software_products / cups	1.1.1	1.1.1.x
easy_software_products / cups	1.0.4	1.0.4.x
easy_software_products / cups	1.1.14	1.1.14.x
easy_software_products / cups	1.1.4_2	1.1.4_2.x
easy_software_products / cups	1.1.6	1.1.6.x
apple / mac_os_x	10.2.2	10.2.2.x
apple / mac_os_x	10.2	10.2.x

Vulnerability Database

289,599

CVE-2002-1367