FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CUPS -- local information disclosure

Affected packages
cups-base < 1.1.22

Details

VuXML ID 30cea6be-1d0c-11d9-814e-0001020eed82
Discovery 2004-09-23
Entry 2004-10-13

Certain methods of authenticated remote printing in CUPS can disclose user names and passwords in the log files.

A workaround for this problem is to set more strict access permissions on the CUPS logfiles.

References

CERT/CC Vulnerability Note 557062
CVE Name CVE-2004-0923
URL http://docs.info.apple.com/article.html?artnum=61798
URL http://secunia.com/advisories/12690/
URL http://www.cups.org/str.php?L920