CVE-2008-0596

Summary

CVE	CVE-2008-0596
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2008-02-26 00:44:00 UTC
Updated	2023-02-13 02:18:00 UTC
Description	Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers.

Risk And Classification

Problem Types: CWE-399

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Easy Software Products	Cups	1.1.17	All	All	All
Application	Easy Software Products	Cups	1.1.22	All	All	All
Application	Easy Software Products	Cups	1.1.17	All	All	All
Application	Easy Software Products	Cups	1.1.22	All	All	All
Operating System	Redhat	Desktop	3.0	All	All	All
Operating System	Redhat	Desktop	4.0	All	All	All
Operating System	Redhat	Desktop	3.0	All	All	All
Operating System	Redhat	Desktop	4.0	All	All	All
Operating System	Redhat	Enterprise Linux	as_3	All	All	All
Operating System	Redhat	Enterprise Linux	as_4	All	All	All
Operating System	Redhat	Enterprise Linux	es_3	All	All	All
Operating System	Redhat	Enterprise Linux	es_4	All	All	All
Operating System	Redhat	Enterprise Linux	ws_3	All	All	All
Operating System	Redhat	Enterprise Linux	ws_4	All	All	All
Operating System	Redhat	Enterprise Linux	as_3	All	All	All
Operating System	Redhat	Enterprise Linux	as_4	All	All	All
Operating System	Redhat	Enterprise Linux	es_3	All	All	All
Operating System	Redhat	Enterprise Linux	es_4	All	All	All
Operating System	Redhat	Enterprise Linux	ws_3	All	All	All
Operating System	Redhat	Enterprise Linux	ws_4	All	All	All

References

Reference	Source	Link	Tags
rhn.redhat.com \| Red Hat Support	REDHAT	www.redhat.com
Support / Security / Advisories / / MDVSA-2008:050 \| Mandriva	MANDRIVA	www.mandriva.com
rhn.redhat.com \| Red Hat Support	REDHAT	www.redhat.com
Advisories:rPSA-2008-0091 - rPath Wiki	CONFIRM	wiki.rpath.com
Repository / Oval Repository	OVAL	oval.cisecurity.org
About Security Update 2008-002	CONFIRM	docs.info.apple.com
SUSE update for cups - Advisories - Secunia	SECUNIA	secunia.com
SecurityFocus	BUGTRAQ	www.securityfocus.com
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
rPath update for cups - Advisories - Secunia	SECUNIA	secunia.com
[security-announce] SUSE Security Announcement: cups (SUSE-SA:2008:012)	SUSE	lists.opensuse.org
CUPS Bugs in Adding/Deleting Shared Printers Lets Remote Users Deny Service - SecurityTracker	SECTRACK	www.securitytracker.com
Red Hat Customer Portal	MISC	access.redhat.com
CUPS Multiple Remote Denial of Service Vulnerabilities	BID	www.securityfocus.com
access.redhat.com \| CVE-2008-0596	MISC	access.redhat.com
Mac OS X Security Update Fixes Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com	SECUNIA	secunia.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com
wiki.rpath.com/Advisories:rPSA-2008-0091	CONFIRM	wiki.rpath.com
Red Hat update for cups - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
Bug 433825 – CVE-2008-0596 cups: memory leak handling IPP browse requests	MISC	bugzilla.redhat.com
issues.rpath.com/browse/RPL-2283	CONFIRM	issues.rpath.com
Red Hat Customer Portal	MISC	access.redhat.com
APPLE-SA-2008-03-18 Security Update 2008-002	APPLE	lists.apple.com
ASA-2008-084 (RHSA-2008-0153)	CONFIRM	support.avaya.com
ASA-2008-098 (RHSA-2008-0161)	CONFIRM	support.avaya.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.