CVE-2007-0720

Publication date 13 March 2007

Last updated 24 July 2024

Ubuntu priority

The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
cupsys	7.04 feisty	Not affected
	6.10 edgy	Ignored
	6.06 LTS dapper	Ignored

How can I get the fixes?
What do statuses mean?

Notes

kees

The "fix" isn't really a fix, and just worsens the diagnostics available to an admin seeking the DoS. This is a design problem with CUPS.

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2007-0720