Details of VAR-200105-0041

ID

VAR-200105-0041

CVE

CVE-2001-1333

TITLE

Linux CUPS Unable to handle temporary file vulnerabilities safely

Trust: 0.6

sources: CNNVD: CNNVD-200105-083

DESCRIPTION

Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files. CUPS is prone to a local security vulnerability. A local attacker may exploit this issue to perform unauthorized actions. Common Unix Printing System (CUPS) is a common Unix printing system and a cross-platform printing solution in the Unix environment. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. This vulnerability is different from CVE-2001-1333

Trust: 1.26

sources: NVD: CVE-2001-1333 // BID: 88030 // VULHUB: VHN-4138

AFFECTED PRODUCTS

vendor:	easy products	model:	cups	scope:	lte	version:	1.1.5	Trust: 1.0
vendor:	easy products	model:	cups	scope:	eq	version:	1.1.5	Trust: 0.6
vendor:	easy	model:	software products cups	scope:	eq	version:	1.1.3	Trust: 0.3

sources: BID: 88030 // CNNVD: CNNVD-200105-083 // NVD: CVE-2001-1333

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2001-1333
value:	LOW
Trust: 1.0
CNNVD:	CNNVD-200105-083
value:	LOW
Trust: 0.6
VULHUB:	VHN-4138
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2001-1333
severity:	LOW
baseScore:	1.2
vectorString:	AV:L/AC:H/AU:N/C:N/I:P/A:N
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	1.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-4138
severity:	LOW
baseScore:	1.2
vectorString:	AV:L/AC:H/AU:N/C:N/I:P/A:N
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	1.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-4138 // CNNVD: CNNVD-200105-083 // NVD: CVE-2001-1333

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-1333

THREAT TYPE

local

Trust: 0.9

sources: BID: 88030 // CNNVD: CNNVD-200105-083

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200105-083

EXTERNAL IDS

db:	NVD	id:	CVE-2001-1333	Trust: 2.0
db:	CONECTIVA	id:	CLA-2001:386	Trust: 0.6
db:	CONECTIVA	id:	CLA-2001:384	Trust: 0.6
db:	MANDRAKE	id:	MDKSA-2001:048	Trust: 0.6
db:	SUSE	id:	SUSE-SA:2002:005	Trust: 0.6
db:	CNNVD	id:	CNNVD-200105-083	Trust: 0.6
db:	BID	id:	88030	Trust: 0.4
db:	VULHUB	id:	VHN-4138	Trust: 0.1

sources: VULHUB: VHN-4138 // BID: 88030 // CNNVD: CNNVD-200105-083 // NVD: CVE-2001-1333

REFERENCES

url:	http://www.linux-mandrake.com/en/security/2001/mdksa-2001-048.php3	Trust: 3.0
url:	http://lists2.suse.com/archive/suse-security-announce/2001-mar/0000.html	Trust: 3.0
url:	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000384	Trust: 2.9
url:	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000386	Trust: 2.9
url:	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000384	Trust: 0.1
url:	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000386	Trust: 0.1

sources: VULHUB: VHN-4138 // BID: 88030 // CNNVD: CNNVD-200105-083 // NVD: CVE-2001-1333

CREDITS

Unknown

Trust: 0.3

sources: BID: 88030

SOURCES

db:	VULHUB	id:	VHN-4138
db:	BID	id:	88030
db:	CNNVD	id:	CNNVD-200105-083
db:	NVD	id:	CVE-2001-1333

LAST UPDATE DATE

2024-11-22T22:59:28.712000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-4138	date:	2008-09-05T00:00:00
db:	BID	id:	88030	date:	2001-05-10T00:00:00
db:	CNNVD	id:	CNNVD-200105-083	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2001-1333	date:	2024-11-20T23:37:26.570

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-4138	date:	2001-05-10T00:00:00
db:	BID	id:	88030	date:	2001-05-10T00:00:00
db:	CNNVD	id:	CNNVD-200105-083	date:	2001-05-10T00:00:00
db:	NVD	id:	CVE-2001-1333	date:	2001-05-10T04:00:00