CVE-2004-1268 - Contemplable Fists
Description
lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file which allows local users to corrupt the file by filling the associated file system and triggering the write errors.
Reference
http://tigger.uic.edu/~jlongs2/holes/cups2.txt http://www.redhat.com/support/errata/RHSA-2005-013.html http://www.redhat.com/support/errata/RHSA-2005-053.html http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:008 https://exchange.xforce.ibmcloud.com/vulnerabilities/18606 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398 https://usn.ubuntu.com/50-1/