CVE-2004-1268 - Contemplable Fists

Description

lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file which allows local users to corrupt the file by filling the associated file system and triggering the write errors.

Reference

http://tigger.uic.edu/~jlongs2/holes/cups2.txt http://www.redhat.com/support/errata/RHSA-2005-013.html http://www.redhat.com/support/errata/RHSA-2005-053.html http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:008 https://exchange.xforce.ibmcloud.com/vulnerabilities/18606 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398 https://usn.ubuntu.com/50-1/