CVE-2004-0923

NONE EPSS 35.7%
Published Jan 27, 200521y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 27, 2005 21y ago
Last Modified Jun 16, 2026 2w ago

Description

CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.

Threat Intelligence

EPSS Exploit Probability
35.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 51

VendorProductVersionRange
easy_software_productscups1.0.4any
easy_software_productscups1.0.4_8any
easy_software_productscups1.1.1any
easy_software_productscups1.1.4any
easy_software_productscups1.1.4_2any
easy_software_productscups1.1.4_3any
easy_software_productscups1.1.4_5any
easy_software_productscups1.1.6any
easy_software_productscups1.1.7any
easy_software_productscups1.1.10any
easy_software_productscups1.1.12any
easy_software_productscups1.1.13any
easy_software_productscups1.1.14any
easy_software_productscups1.1.15any
easy_software_productscups1.1.16any
easy_software_productscups1.1.17any
easy_software_productscups1.1.18any
easy_software_productscups1.1.19any
easy_software_productscups1.1.19_rc5any
easy_software_productscups1.1.20any
easy_software_productscups1.1.21any
applemac_os_x10.2any
applemac_os_x10.2.1any
applemac_os_x10.2.2any
applemac_os_x10.2.3any
applemac_os_x10.2.4any
applemac_os_x10.2.5any
applemac_os_x10.2.6any
applemac_os_x10.2.7any
applemac_os_x10.2.8any
applemac_os_x10.3any
applemac_os_x10.3.1any
applemac_os_x10.3.2any
applemac_os_x10.3.3any
applemac_os_x10.3.4any
applemac_os_x10.3.5any
applemac_os_x_server10.2any
applemac_os_x_server10.2.1any
applemac_os_x_server10.2.2any
applemac_os_x_server10.2.3any
applemac_os_x_server10.2.4any
applemac_os_x_server10.2.5any
applemac_os_x_server10.2.6any
applemac_os_x_server10.2.7any
applemac_os_x_server10.2.8any
applemac_os_x_server10.3any
applemac_os_x_server10.3.1any
applemac_os_x_server10.3.2any
applemac_os_x_server10.3.3any
applemac_os_x_server10.3.4any
applemac_os_x_server10.3.5any

References 9

  • lists.apple.com http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html
  • ciac.org http://www.ciac.org/ciac/bulletins/p-002.shtml
  • debian.org http://www.debian.org/security/2004/dsa-566
  • kb.cert.org http://www.kb.cert.org/vuls/id/557062
    Third Party AdvisoryUS Government Resource
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2004:116
  • redhat.com http://www.redhat.com/support/errata/RHSA-2004-543.html
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/11324
    PatchVendor Advisory
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/17593
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10710

Remediation

  • redhat.com http://www.redhat.com/support/errata/RHSA-2004-543.html
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/11324
    PatchVendor Advisory