FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-0720

This CVE name corresponds to:

Entered Topic
2007-06-12 cups -- Incomplete SSL Negotiation Denial of Service

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-0720 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-0720
Phase Assigned(20070205)

Description

The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.

References

Source Reference
BUGTRAQ 20070325 FLEA-2007-0003-1: cups
MISC https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232243
CONFIRM http://docs.info.apple.com/article.html?artnum=305214
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-194.htm
CONFIRM https://issues.rpath.com/browse/RPL-1173
APPLE APPLE-SA-2007-03-13
FEDORA FEDORA-2007-1219
GENTOO GLSA-200703-28
MANDRIVA MDKSA-2007:086
REDHAT RHSA-2007:0123
SUSE SUSE-SR:2007:009
SUSE SUSE-SR:2007:014
CERT TA07-072A
BID 22948
BID 23127
OVAL oval:org.mitre.oval:def:11046
VUPEN ADV-2007-0930
VUPEN ADV-2007-0949
SECTRACK 1017750
SECUNIA 24479
SECUNIA 24517
SECUNIA 24530
SECUNIA 24660
SECUNIA 24878
SECUNIA 24895
SECUNIA 25119
SECUNIA 25497
SECUNIA 26083
SECUNIA 26413

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.