CVE-2009-0949

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html	Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html	Mailing List
http://secunia.com/advisories/35322	Broken Link Vendor Advisory
http://secunia.com/advisories/35328	Broken Link Vendor Advisory
http://secunia.com/advisories/35340	Broken Link Vendor Advisory
http://secunia.com/advisories/35342	Broken Link Vendor Advisory
http://secunia.com/advisories/35685	Broken Link
http://secunia.com/advisories/36701	Broken Link
http://securitytracker.com/id?1022321	Broken Link Third Party Advisory VDB Entry
http://support.apple.com/kb/HT3865	Third Party Advisory
http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability	Exploit Third Party Advisory
http://www.debian.org/security/2009/dsa-1811	Broken Link Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-1082.html	Broken Link
http://www.redhat.com/support/errata/RHSA-2009-1083.html	Broken Link
http://www.securityfocus.com/archive/1/504032/100/0/threaded	Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/35169	Broken Link Exploit Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-780-1	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=500972	Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/50926	Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:8.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:9.04:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:debian:debian_linux:4.0:::::::*
	cpe:2.3:o:debian:debian_linux:5.0:::::::*
	cpe:2.3:o:debian:debian_linux:6.0:::::::*

Configuration 4 (hide)

OR	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:apple:mac_os_x_server::::::::
	cpe:2.3:o:apple:mac_os_x_server::::::::

Configuration 5 (hide)

OR	cpe:2.3:o:opensuse:opensuse:10.3:::::::*
	cpe:2.3:o:suse:linux_enterprise:9.0:-::::::
	cpe:2.3:o:suse:linux_enterprise:10.0:-::::::

History

09 Feb 2024, 00:17

Type	Values Removed	Values Added
CWE	~~CWE-476~~	CWE-908
First Time		Suse Suse linux Enterprise Opensuse opensuse Opensuse
CPE		cpe:2.3:o:suse:linux_enterprise:10.0:-:::::: cpe:2.3:o:opensuse:opensuse:10.3:::::::* cpe:2.3:o:suse:linux_enterprise:9.0:-::::::
References	~~() http://www.debian.org/security/2009/dsa-1811 - Third Party Advisory~~	() http://www.debian.org/security/2009/dsa-1811 - Broken Link, Third Party Advisory

28 Dec 2023, 15:21

Type	Values Removed	Values Added
CVSS	v2 : ~~5.0~~ v3 : ~~unknown~~	v2 : 5.0 v3 : 7.5
CWE	~~CWE-399~~	CWE-476
CPE	cpe:2.3:a:apple:cups:1.3.2:::::::* cpe:2.3:a:apple:cups:1.1.22:::::::* cpe:2.3:a:apple:cups:1.2.5:::::::* cpe:2.3:a:apple:cups:1.1.20:rc5:::::: cpe:2.3:a:apple:cups:1.2:rc3:::::: cpe:2.3:a:apple:cups:1.1.17:::::::* cpe:2.3:a:apple:cups:1.2.9:::::::* cpe:2.3:a:apple:cups:1.1.11:::::::* cpe:2.3:a:apple:cups:1.2.6:::::::* cpe:2.3:a:apple:cups:1.3.0:::::::* cpe:2.3:a:apple:cups:1.3.4:::::::* cpe:2.3:a:apple:cups:1.1:::::::* cpe:2.3:a:apple:cups:1.2:b1:::::: cpe:2.3:a:apple:cups:1.1.10-1:::::::* cpe:2.3:a:apple:cups:1.1.19:::::::* cpe:2.3:a:apple:cups:1.1.4:::::::* cpe:2.3:a:apple:cups:1.2.0:::::::* cpe:2.3:a:apple:cups:1.1.13:::::::* cpe:2.3:a:apple:cups:1.2.12:::::::* cpe:2.3:a:apple:cups:1.1.8:::::::* cpe:2.3:a:apple:cups:1.2.3:::::::* cpe:2.3:a:apple:cups:1.1.3:::::::* cpe:2.3:a:apple:cups:1.1.16:::::::* cpe:2.3:a:apple:cups:1.1.19:rc3:::::: cpe:2.3:a:apple:cups:1.3:rc2:::::: cpe:2.3:a:apple:cups:1.1.23:::::::* cpe:2.3:a:apple:cups:1.1.5-1:::::::* cpe:2.3:a:apple:cups:1.3.5:::::::* cpe:2.3:a:apple:cups:1.2.10:::::::* cpe:2.3:a:apple:cups:1.1.19:rc2:::::: cpe:2.3:a:apple:cups:1.2:rc2:::::: cpe:2.3:a:apple:cups:1.1.7:::::::* cpe:2.3:a:apple:cups:1.1.12:::::::* cpe:2.3:a:apple:cups:1.1.2:::::::* cpe:2.3:a:apple:cups:1.1.21:rc1:::::: cpe:2.3:a:apple:cups:1.1.6-3:::::::* cpe:2.3:a:apple:cups:1.3:b1:::::: cpe:2.3:a:apple:cups:1.1.15:::::::* cpe:2.3:a:apple:cups:1.1.20:rc6:::::: cpe:2.3:a:apple:cups:1.1.14:::::::* cpe:2.3:a:apple:cups:1.1.9-1:::::::* cpe:2.3:a:apple:cups:1.2.2:::::::* cpe:2.3:a:apple:cups:1.3.8:::::::* cpe:2.3:a:apple:cups:1.1.10:::::::* cpe:2.3:a:apple:cups:1.2.7:::::::* cpe:2.3:a:apple:cups:1.2.4:::::::* cpe:2.3:a:apple:cups:1.1.1:::::::* cpe:2.3:a:apple:cups:1.1.23:rc1:::::: cpe:2.3:a:apple:cups:1.1.19:rc4:::::: cpe:2.3:a:apple:cups:1.2:rc1:::::: cpe:2.3:a:apple:cups:1.3.3:::::::* cpe:2.3:a:apple:cups:1.1.5:::::::* cpe:2.3:a:apple:cups:1.3:rc1:::::: cpe:2.3:a:apple:cups:1.1.20:rc4:::::: cpe:2.3:a:apple:cups:1.2.1:::::::* cpe:2.3:a:apple:cups:1.1.6:::::::* cpe:2.3:a:apple:cups:1.3.7:::::::* cpe:2.3:a:apple:cups:1.1.22:rc2:::::: cpe:2.3:a:apple:cups:1.1.9:::::::* cpe:2.3:a:apple:cups:1.1.6-2:::::::* cpe:2.3:a:apple:cups:1.1.5-2:::::::* cpe:2.3:a:apple:cups:1.1.20:::::::* cpe:2.3:a:apple:cups:1.1.18:::::::* cpe:2.3:a:apple:cups:1.1.20:rc1:::::: cpe:2.3:a:apple:cups:1.2:b2:::::: cpe:2.3:a:apple:cups:1.1.22:rc1:::::: cpe:2.3:a:apple:cups:1.1.20:rc2:::::: cpe:2.3:a:apple:cups:1.1.20:rc3:::::: cpe:2.3:a:apple:cups:1.1.6-1:::::::* cpe:2.3:a:apple:cups:1.2.11:::::::* cpe:2.3:a:apple:cups:1.1.21:rc2:::::: cpe:2.3:a:apple:cups:1.2.8:::::::* cpe:2.3:a:apple:cups:1.1.19:rc1:::::: cpe:2.3:a:apple:cups:1.3.1:::::::* cpe:2.3:a:apple:cups:1.1.21:::::::* cpe:2.3:a:apple:cups:1.1.19:rc5:::::: cpe:2.3:a:apple:cups:1.3.6:::::::*	cpe:2.3:o:apple:mac_os_x_server:::::::: cpe:2.3:o:canonical:ubuntu_linux:8.04::::-::: cpe:2.3:o:apple:mac_os_x:::::::: cpe:2.3:o:debian:debian_linux:6.0:::::::* cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::* cpe:2.3:o:canonical:ubuntu_linux:8.10:::::::* cpe:2.3:o:debian:debian_linux:4.0:::::::* cpe:2.3:o:debian:debian_linux:5.0:::::::* cpe:2.3:o:canonical:ubuntu_linux:9.04:::::::*
First Time		Apple mac Os X Server Debian Canonical Apple mac Os X Debian debian Linux Canonical ubuntu Linux
References	~~() http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html -~~	() http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html - Mailing List
References	~~() http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html - Mailing List
References	~~() http://secunia.com/advisories/35322 - Vendor Advisory~~	() http://secunia.com/advisories/35322 - Broken Link, Vendor Advisory
References	~~() http://secunia.com/advisories/35328 - Vendor Advisory~~	() http://secunia.com/advisories/35328 - Broken Link, Vendor Advisory
References	~~() http://secunia.com/advisories/35340 - Vendor Advisory~~	() http://secunia.com/advisories/35340 - Broken Link, Vendor Advisory
References	~~() http://secunia.com/advisories/35342 - Vendor Advisory~~	() http://secunia.com/advisories/35342 - Broken Link, Vendor Advisory
References	~~() http://secunia.com/advisories/35685 -~~	() http://secunia.com/advisories/35685 - Broken Link
References	~~() http://secunia.com/advisories/36701 -~~	() http://secunia.com/advisories/36701 - Broken Link
References	~~() http://securitytracker.com/id?1022321 -~~	() http://securitytracker.com/id?1022321 - Broken Link, Third Party Advisory, VDB Entry
References	~~() http://support.apple.com/kb/HT3865 -~~	() http://support.apple.com/kb/HT3865 - Third Party Advisory
References	~~() http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability - Exploit~~	() http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability - Exploit, Third Party Advisory
References	~~() http://www.debian.org/security/2009/dsa-1811 - Patch~~	() http://www.debian.org/security/2009/dsa-1811 - Third Party Advisory
References	~~() http://www.redhat.com/support/errata/RHSA-2009-1082.html -~~	() http://www.redhat.com/support/errata/RHSA-2009-1082.html - Broken Link
References	~~() http://www.redhat.com/support/errata/RHSA-2009-1083.html -~~	() http://www.redhat.com/support/errata/RHSA-2009-1083.html - Broken Link
References	~~() http://www.securityfocus.com/archive/1/504032/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/504032/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References	~~() http://www.securityfocus.com/bid/35169 - Exploit~~	() http://www.securityfocus.com/bid/35169 - Broken Link, Exploit, Third Party Advisory, VDB Entry
References	~~() http://www.ubuntu.com/usn/USN-780-1 -~~	() http://www.ubuntu.com/usn/USN-780-1 - Third Party Advisory
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=500972 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=500972 - Issue Tracking
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/50926 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/50926 - Third Party Advisory, VDB Entry
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631 - Broken Link

Information

Published : 2009-06-09 17:30

Updated : 2024-02-09 00:17

NVD link : CVE-2009-0949

Mitre link : CVE-2009-0949

CVE.ORG link : CVE-2009-0949

JSON object : View

Products Affected

suse

linux_enterprise

apple

mac_os_x_server
cups
mac_os_x

opensuse

opensuse

debian

debian_linux

canonical

ubuntu_linux

CWE

CWE-908

Use of Uninitialized Resource

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2009-0949

7.5^/10

5.0^/10

Attach tags to `CVE-2009-0949`