Vulnerability CVE-2010-0302

Vulnerability Name:

CVE-2010-0302 (CCN-56668)

Assigned:

2010-03-03

Published:

2010-03-03

Updated:

2017-09-19

Summary:

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count.
Note: some of these details are obtained from third party information.
Note: this vulnerability exists because of an incomplete fix for CVE-2009-3553.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

3.3 Low (REDHAT CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P)
2.4 Low (REDHAT Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Adjacent_Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-399

Vulnerability Consequences:

Denial of Service

References:

Source: CONFIRM
Type: UNKNOWN
http://cups.org/articles.php?L596

Source: CONFIRM
Type: UNKNOWN
http://cups.org/str.php?L3490

Source: MITRE
Type: CNA
CVE-2010-0302

Source: APPLE
Type: UNKNOWN
APPLE-SA-2010-06-15-1

Source: FEDORA
Type: UNKNOWN
FEDORA-2010-2743

Source: CCN
Type: RHSA-2010-0129
Moderate: cups security update

Source: SECUNIA
Type: UNKNOWN
38785

Source: SECUNIA
Type: UNKNOWN
38927

Source: SECUNIA
Type: UNKNOWN
38979

Source: CCN
Type: SA40220
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
40220

Source: GENTOO
Type: UNKNOWN
GLSA-201207-10

Source: CCN
Type: SECTRACK ID: 1024124
CUPS Use After Free in cupsdDoSelect() Lets Remote Users Deny Service

Source: CCN
Type: Apple Web site
About the security content of Security Update 2010-004 / Mac OS X v10.6.4

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT4188

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2010:073

Source: BID
Type: UNKNOWN
38510

Source: CCN
Type: BID-38510
CUPS File Descriptors Handling Use-After-Free Remote Denial Of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1024124

Source: CCN
Type: USN-906-1
CUPS vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-906-1

Source: VUPEN
Type: UNKNOWN
ADV-2010-1481

Source: CCN
Type: Red Hat Bugzilla Bug 557775
CVE-2010-0302 cups Incomplete fix for CVE-2009-3553

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=557775

Source: XF
Type: UNKNOWN
cups-filedescriptor-dos(56668)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11216

Source: REDHAT
Type: UNKNOWN
RHSA-2010:0129

Source: SUSE
Type: SUSE-SR:2010:007
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:apple:cups:1.3.7:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.9:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.3.10:*:*:*:*:*:*:*

OR cpe:/a:apple:cups:1.4.1:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20100302	V	CVE-2010-0302	2022-05-20
oval:org.opensuse.security:def:42285	P	Security update for e2fsprogs (Important)	2022-05-16
oval:org.opensuse.security:def:26220	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:31755	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:33067	P	Security update for libqt4 (Important)	2021-12-22
oval:org.opensuse.security:def:32236	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:31716	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:31712	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:31311	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:26160	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:33028	P	Security update for git (Low)	2021-10-20
oval:org.opensuse.security:def:26139	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:32180	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:26107	P	Security update for openssl-1_0_0 (Important)	2021-08-24
oval:org.opensuse.security:def:32165	P	Security update for cpio (Important)	2021-08-23
oval:org.opensuse.security:def:31667	P	Security update for fetchmail (Moderate)	2021-08-18
oval:org.opensuse.security:def:31234	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:31656	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:26079	P	Security update for gupnp (Important)	2021-06-18
oval:org.opensuse.security:def:32121	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:42087	P	Security update for libxml2 (Moderate)	2021-06-09
oval:org.opensuse.security:def:36104	P	cups-1.3.9-8.46.56.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36386	P	cups-devel-1.3.9-8.46.56.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42511	P	cups-1.3.9-8.46.56.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32099	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:26058	P	Security update for postgresql10 (Moderate)	2021-05-27
oval:org.opensuse.security:def:31611	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:31160	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:31149	P	Security update for spamassassin (Important)	2021-04-12
oval:org.opensuse.security:def:31148	P	Security update for fwupdate (Important)	2021-04-08
oval:org.opensuse.security:def:32060	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32285	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:31368	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:31366	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:26204	P	Security update for freeradius-server (Low)	2021-03-04
oval:org.opensuse.security:def:31346	P	Security update for java-1_8_0-openjdk (Moderate)	2021-02-19
oval:org.opensuse.security:def:31345	P	Security update for krb5-appl (Important)	2021-02-19
oval:org.opensuse.security:def:26146	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:31655	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:31357	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:31219	P	Security update for openssh (Moderate)	2021-01-05
oval:org.opensuse.security:def:31570	P	Security update for cyrus-sasl (Important)	2020-12-28
oval:org.opensuse.security:def:32011	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:31087	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:31563	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:35533	P	cups-1.3.9-8.30.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35680	P	cups-1.3.9-8.44.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41940	P	cups-1.3.9-8.30.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35878	P	cups-1.3.9-8.46.46.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25713	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31955	P	Security update for gstreamer-0_10-plugins-good (Important)	2020-12-01
oval:org.opensuse.security:def:26385	P	Security update for go (Moderate)	2020-12-01
oval:org.opensuse.security:def:25661	P	Security update for opensc (Low)	2020-12-01
oval:org.opensuse.security:def:26680	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25231	P	Security update for gcc9 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25854	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27067	P	LibVNCServer on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31582	P	Security update for tar (Moderate)	2020-12-01
oval:org.opensuse.security:def:26277	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25763	P	Security Update for Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31821	P	Security update for avahi (Moderate)	2020-12-01
oval:org.opensuse.security:def:25243	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31458	P	Security update for postgresql91 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25654	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:31788	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26512	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:25816	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32498	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31001	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25435	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:31602	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:32803	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25729	P	Security update for spamassassin (Important)	2020-12-01
oval:org.opensuse.security:def:31937	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:26614	P	mozilla-xulrunner190 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26498	P	Security update for nextcloud (Moderate)	2020-12-01
oval:org.opensuse.security:def:31013	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25573	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:31814	P	Security update for apache2-mod_nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:25938	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:26667	P	apache2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25085	P	Security update for permissions (Moderate)	2020-12-01
oval:org.opensuse.security:def:25808	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:31902	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:26877	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25428	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:31431	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27349	P	mailx-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25160	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25910	P	Security update for gstreamer-0_10-plugins-base (Low)	2020-12-01
oval:org.opensuse.security:def:31968	P	Security update for ipmitool (Important)	2020-12-01
oval:org.opensuse.security:def:25440	P	Security update for python-xdg (Moderate)	2020-12-01
oval:org.opensuse.security:def:26283	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32346	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25936	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25369	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25963	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:32645	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25632	P	Security update for aspell (Moderate)	2020-12-01
oval:org.opensuse.security:def:31799	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:26371	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26011	P	Security update for gwenhywfar (Moderate)	2020-12-01
oval:org.opensuse.security:def:25510	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26645	P	unrar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25770	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26429	P	Security update for keepalived (Moderate)	2020-12-01
oval:org.opensuse.security:def:31571	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:25714	P	Security update for libpng16 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31777	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25232	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:26005	P	Security update for libcdio (Moderate)	2020-12-01
oval:org.opensuse.security:def:27102	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25653	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26361	P	Security update for kopete (Low)	2020-12-01
oval:org.opensuse.security:def:25802	P	Recommended update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:32459	P	Security update for xorg-x11-libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:25307	P	Security update for libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31515	P	Security update for quagga (Low)	2020-12-01
oval:org.opensuse.security:def:25665	P	Security update for libqt5-qtbase (Important)	2020-12-01
oval:org.opensuse.security:def:31880	P	Security update for dhcpcd (Important)	2020-12-01
oval:org.opensuse.security:def:26565	P	hplip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25860	P	Security update for bash (Moderate)	2020-12-01
oval:org.opensuse.security:def:31002	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25516	P	Security update for file-roller (Moderate)	2020-12-01
oval:org.opensuse.security:def:31758	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:32842	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25857	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32024	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26653	P	xorg-x11-Xvnc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26533	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25084	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:25657	P	Security update for graphviz (Low)	2020-12-01
oval:org.opensuse.security:def:31863	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26842	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25995	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:26711	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25096	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25861	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31924	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:25429	P	Security update for libzypp (Moderate)	2020-12-01
oval:org.opensuse.security:def:26230	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:32324	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:27384	P	cups-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25935	P	Security update for libcares2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25288	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:31455	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:25949	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:32606	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25504	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:26332	P	Security update for karchive (Important)	2020-12-01
oval:org.opensuse.security:def:32390	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25947	P	Security update for freerdp (Important)	2020-12-01
oval:org.opensuse.security:def:25426	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26007	P	Security update for libid3tag (Moderate)	2020-12-01
oval:org.mitre.oval:def:13273	P	USN-906-1 -- cups, cupsys vulnerabilities	2014-06-30
oval:org.mitre.oval:def:22958	P	ELSA-2010:0129: cups security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:22030	P	RHSA-2010:0129: cups security update (Moderate)	2014-02-24
oval:org.mitre.oval:def:11216	V	Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.	2013-04-29
oval:com.redhat.rhsa:def:20100129	P	RHSA-2010:0129: cups security update (Moderate)	2010-03-03

BACK