Vulnerability Name:

CVE-2007-0720 (CCN-32967)

Assigned:2006-11-13
Published:2006-11-13
Updated:2020-12-15
Summary:The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.
CVSS v3 Severity:7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2007-0720

Source: CCN
Type: Mac OS X 10.4.9 and Security Update 2007-003
About the security content of Mac OS X 10.4.9 and Security Update 2007-003

Source: CONFIRM
Type: Broken Link
http://docs.info.apple.com/article.html?artnum=305214

Source: FEDORA
Type: Broken Link
FEDORA-2007-1219

Source: APPLE
Type: Mailing List, Vendor Advisory
APPLE-SA-2007-03-13

Source: CCN
Type: RHSA-2007-0123
Moderate: cups security update

Source: CCN
Type: SA24479
Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
24479

Source: CCN
Type: SA24517
CUPS Incomplete SSL Negotiation Denial of Service

Source: SECUNIA
Type: Third Party Advisory
24517

Source: SECUNIA
Type: Third Party Advisory
24530

Source: SECUNIA
Type: Third Party Advisory
24660

Source: SECUNIA
Type: Third Party Advisory
24878

Source: SECUNIA
Type: Third Party Advisory
24895

Source: SECUNIA
Type: Third Party Advisory
25119

Source: CCN
Type: SA25497
Avaya Products CUPS Incomplete SSL Negotiation Denial of Service

Source: SECUNIA
Type: Third Party Advisory
25497

Source: SECUNIA
Type: Third Party Advisory
26083

Source: SECUNIA
Type: Third Party Advisory
26413

Source: GENTOO
Type: Third Party Advisory
GLSA-200703-28

Source: CCN
Type: SECTRACK ID: 1017750
Mac OS X CUPS SSL Negotiation Lets Remote Users Deny Service

Source: CONFIRM
Type: Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-194.htm

Source: CCN
Type: ASA-2007-194
cups security update (RHSA-2007-0123)

Source: CCN
Type: Apple Mac OS X Web site
Apple - Apple - Mac OS X - Leopard Sneak Peek

Source: CCN
Type: GLSA-200703-28
CUPS: Denial of Service

Source: MANDRIVA
Type: Third Party Advisory
MDKSA-2007:086

Source: SUSE
Type: Broken Link
SUSE-SR:2007:014

Source: SUSE
Type: Broken Link
SUSE-SR:2007:009

Source: REDHAT
Type: Third Party Advisory
RHSA-2007:0123

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20070325 FLEA-2007-0003-1: cups

Source: BID
Type: Third Party Advisory, VDB Entry
22948

Source: CCN
Type: BID-22948
Apple Mac OS X Multiple Applications Multiple Vulnerabilities

Source: BID
Type: Third Party Advisory, VDB Entry
23127

Source: CCN
Type: BID-23127
CUPS Partial SSL Connection Remote Denial of Service Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1017750

Source: CCN
Type: TLSA-2007-31
Remote attackers to cause a denial of service

Source: CERT
Type: Third Party Advisory, US Government Resource
TA07-072A

Source: VUPEN
Type: Third Party Advisory
ADV-2007-0930

Source: VUPEN
Type: Third Party Advisory
ADV-2007-0949

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232243

Source: XF
Type: UNKNOWN
cups-ssl-dos(32967)

Source: CONFIRM
Type: Broken Link
https://issues.rpath.com/browse/RPL-1173

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:11046

Source: SUSE
Type: SUSE-SR:2007:014
SUSE Security Summary Report

Vulnerable Configuration:
  • Configuration 1:
  • cpe:/a:cups:cups:*:*:*:*:*:*:*:* (Version < 1.2.8)

  • Configuration 2:
  • cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* (Version < 10.4.9)

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.21:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.10_1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.19_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.19_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.19_rc3:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.19_rc4:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.20_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.20_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.20_rc3:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.20_rc4:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.20_rc5:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.20_rc6:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.21_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.21_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.22_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.5_1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.5_2:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.6_1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.6_2:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.6_3:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.1.9_1:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:easy_software_products:cups:1.2.9:*:*:*:*:*:*:*
  • AND
  • cpe:/o:suse:suse_linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:avaya:intuity_audix_lx:*:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:message_networking:-:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:2.0.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20070720 | V | CVE-2007-0720 | 2015-11-16
    oval:org.mitre.oval:def:22569 | P | ELSA-2007:0123: cups security update (Moderate) | 2014-05-26
    oval:org.mitre.oval:def:11046 | V | The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. | 2013-04-29
    oval:com.redhat.rhsa:def:20070123 | P | RHSA-2007:0123: cups security update (Moderate) | 2008-03-20