CVE Database · CVE-2010-2432
CVSS v3.1
N/A
EPSS
2.10%
Published
Jun 22, 2010
Modified
Apr 28, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.
Weaknesses (CWE)
Affected Products (84)
References (14)
...and 34 more
