CVE 2008-5183
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184.
Related bugs and status
CVE-2008-5183 (Candidate) is related to these bugs:
Bug #298241: Apple CUPS Daemon: unauthenticated SIGSEGV crash via RSS subscriptions
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 298241 | Apple CUPS Daemon: unauthenticated SIGSEGV crash via RSS subscriptions | cups (Ubuntu) | High | Fix Released | ||
| 298241 | Apple CUPS Daemon: unauthenticated SIGSEGV crash via RSS subscriptions | cups (openSUSE) | Undecided | New | ||
| 298241 | Apple CUPS Daemon: unauthenticated SIGSEGV crash via RSS subscriptions | cups (Debian) | Unknown | Fix Released | ||
| 298241 | Apple CUPS Daemon: unauthenticated SIGSEGV crash via RSS subscriptions | cups (Ubuntu Gutsy) | Undecided | Fix Released | ||
| 298241 | Apple CUPS Daemon: unauthenticated SIGSEGV crash via RSS subscriptions | cups (Ubuntu Hardy) | Undecided | Fix Released | ||
| 298241 | Apple CUPS Daemon: unauthenticated SIGSEGV crash via RSS subscriptions | cups (Fedora) | Medium | Fix Released | ||
Bug #310575: A3 pdf file is cropped and printed on A4 paper
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 310575 | A3 pdf file is cropped and printed on A4 paper | cups (Ubuntu) | Medium | Fix Released | ||
| 310575 | A3 pdf file is cropped and printed on A4 paper | cups (Ubuntu Intrepid) | Undecided | Fix Released | ||
Bug #329293: Please update cupsys to the generic version for hardy to fix several security vulnerabilities
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 329293 | Please update cupsys to the generic version for hardy to fix several security vulnerabilities | The Dell Mini Project | Critical | Fix Released | ||
Bug #357732: cups always prints with the default page size
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 357732 | cups always prints with the default page size | cups (Ubuntu) | High | Fix Released | ||
| 357732 | cups always prints with the default page size | ghostscript (Ubuntu) | Undecided | Invalid | ||
| 357732 | cups always prints with the default page size | GS-GPL | High | Invalid | ||
| 357732 | cups always prints with the default page size | cups (Ubuntu Jaunty) | High | Fix Released | ||
| 357732 | cups always prints with the default page size | ghostscript (Ubuntu Jaunty) | Undecided | Invalid | ||
| 357732 | cups always prints with the default page size | cups (Ubuntu Intrepid) | Undecided | Invalid | ||
| 357732 | cups always prints with the default page size | ghostscript (Ubuntu Intrepid) | Undecided | Invalid | ||
See the 
CVE page on Mitre.org
for more details.
