Published: 27/01/2005 Updated: 11/10/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

CUPS 1.1.20 and previous versions records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.

Vulnerable Product	Search on Vulmon	Subscribe to Product
easy software products cups 1.1.13
easy software products cups 1.1.14
easy software products cups 1.1.20
easy software products cups 1.1.21
easy software products cups 1.0.4
easy software products cups 1.1.15
easy software products cups 1.1.16
easy software products cups 1.1.4
easy software products cups 1.1.4_2
easy software products cups 1.1.4_3
easy software products cups 1.0.4_8
easy software products cups 1.1.1
easy software products cups 1.1.17
easy software products cups 1.1.18
easy software products cups 1.1.4_5
easy software products cups 1.1.6
easy software products cups 1.1.10
easy software products cups 1.1.12
easy software products cups 1.1.19
easy software products cups 1.1.19_rc5
easy software products cups 1.1.7
apple mac os x 10.2
apple mac os x 10.2.1
apple mac os x 10.2.8
apple mac os x 10.3
apple mac os x server 10.2.1
apple mac os x server 10.2.2
apple mac os x server 10.3.1
apple mac os x server 10.3.2
apple mac os x 10.2.2
apple mac os x 10.2.3
apple mac os x 10.3.1
apple mac os x 10.3.2
apple mac os x server 10.2.3
apple mac os x server 10.2.4
apple mac os x server 10.2.5
apple mac os x server 10.3.3
apple mac os x server 10.3.4
apple mac os x 10.2.4
apple mac os x 10.2.5
apple mac os x 10.3.3
apple mac os x 10.3.4
apple mac os x server 10.2.6
apple mac os x server 10.2.7
apple mac os x server 10.3.5
apple mac os x 10.2.6
apple mac os x 10.2.7
apple mac os x 10.3.5
apple mac os x server 10.2
apple mac os x server 10.2.8
apple mac os x server 10.3

Synopsis cups security update Type/Severity Security Advisory: Important Topic Updated cups packages that fix denial of service issues, a securityinformation leak, as well as other various bugs are now available Description The Common UNIX Printing System (CUPS) is a print spoolerDuring a ...

An information leak has been detected in CUPS, the Common UNIX Printing System, which may lead to the disclosure of sensitive information, such as user names and passwords which are written into log files The used patch only eliminates the authentication information in the device URI which is logged in the error_log file It does not eliminate the ...

NVD-CWE-Other http://www.kb.cert.org/vuls/id/557062 http://www.securityfocus.com/bid/11324 http://www.redhat.com/support/errata/RHSA-2004-543.html http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.debian.org/security/2004/dsa-566 http://www.ciac.org/ciac/bulletins/p-002.shtml http://www.mandriva.com/security/advisories?name=MDKSA-2004:116 https://exchange.xforce.ibmcloud.com/vulnerabilities/17593 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10710 https://access.redhat.com/errata/RHSA-2004:543 https://nvd.nist.gov https://www.kb.cert.org/vuls/id/557062

CVE-2004-0923

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect