CVE-2010-2432

Public Date:
2010-03-03
CWE:
CWE-835
Bugzilla:
607211: CVE-2010-2432 cups: DoS (infinite loop) via HTTP_UNAUTHORIZED responses STR #3518

The MITRE CVE dictionary describes this issue as:

The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.

Find out more about CVE-2010-2432 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Not vulnerable. This issue did not affect the versions of CUPS as shipped with Red Hat Enterprise Linux 3, 4, or 5.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 cups Not affected
Red Hat Enterprise Linux 5 cups Affected
Red Hat Enterprise Linux 4 cups Affected
Red Hat Enterprise Linux 3 cups Not affected

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.