Lucene search
Gentoo FoundationGLSA-200410-06HistoryOct 09, 2004 - 12:00 a.m.
CUPS: Leakage of sensitive information
2004-10-0900:00:00
Gentoo Foundation
security.gentoo.org
11
0.0004 Low
EPSS
Percentile
5.4%
Background
The Common UNIX Printing System (CUPS) is a cross-platform print spooler.
Description
When printing to a SMB-shared printer requiring authentication, CUPS leaks the user name and password to a logfile.
Impact
A local user could gain knowledge of sensitive authentication data.
Workaround
There is no known workaround at this time.
Resolution
All CUPS users should upgrade to the latest version:
# emerge sync
# emerge -pv ">=net-print/cups-1.1.20-r3"
# emerge ">=net-print/cups-1.1.20-r3"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | net-print/cups | <= 1.1.20-r2 | UNKNOWN |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200410-06 (cups)
2008-09-24 00:00:00
FreeBSD Ports: cups-base
2008-09-04 00:00:00
Debian Security Advisory DSA 566-1 (cupsys)
2008-01-17 00:00:00
nessus
nessus
FreeBSD : CUPS -- local information disclosure (28)
2004-10-18 00:00:00
Debian DSA-566-1 : cupsys - unsanitised input
2004-11-10 00:00:00
freebsd
freebsd
CUPS -- local information disclosure
2004-09-23 00:00:00
osv
osv
cupsys - unsanitised input
2004-10-14 00:00:00
cvelist
cvelist
CVE-2004-0923
2004-10-26 04:00:00
debian
debian
[SECURITY] [DSA 566-1] New CUPS packages fix information leak
2004-10-14 00:00:00
[SECURITY] [DSA 566-1] New CUPS packages fix information leak
2004-10-14 15:27:26
cve
cve
CVE-2004-0923
2005-01-27 05:00:00
ubuntucve
ubuntucve
CVE-2004-0923
2005-01-27 00:00:00
cert
cert
CUPS stores user account details in plain text in log file
2004-11-19 00:00:00
debiancve
debiancve
CVE-2004-0923
2005-01-27 05:00:00
redhat
redhat
(RHSA-2004:543) cups security update
2004-10-22 00:00:00
securityvulns
securityvulns
MDKSA-2004:116 - Updated cups packages fix DoS vulnerabilities
2004-10-22 00:00:00