CVE-2004-1269

CUPS 1.1.22 - Denial of Service via lppasswd File Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1269. PoCs published by Bartlomiej Sieka.

AI-analyzed exploit summary This exploit leverages a denial-of-service vulnerability in Easy Software Products lppasswd by setting the file size resource limit to zero, causing lppasswd to create an empty passwd.new file and preventing further password changes.

Description

lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Bartlomiej Sieka · cdoswindows
https://www.exploit-db.com/exploits/25012

This exploit leverages a denial-of-service vulnerability in Easy Software Products lppasswd by setting the file size resource limit to zero, causing lppasswd to create an empty passwd.new file and preventing further password changes.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Easy Software Products lppasswd versions 1.1.19 and 1.1.22
Auth required
Prerequisites: Local access · CUPS credentials
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml
Exploit, Vendor Advisory x_refsource_misc
http://tigger.uic.edu/~jlongs2/holes/cups2.txt
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-013.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18608
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9545
Vendor Advisory vendor-advisory x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2005:008
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-053.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/50-1/

Scores

EPSS 0.0895
EPSS Percentile 94.6%

Details

Status published
Products (24)
easy_software_products/cups 1.0.4
easy_software_products/cups 1.0.4_8
easy_software_products/cups 1.1.1
easy_software_products/cups 1.1.4
easy_software_products/cups 1.1.4_2
easy_software_products/cups 1.1.4_3
easy_software_products/cups 1.1.4_5
easy_software_products/cups 1.1.6
easy_software_products/cups 1.1.7
easy_software_products/cups 1.1.10
... and 14 more
Published Jan 10, 2005
Tracked Since Feb 18, 2026