CVE-2004-0923
NONE EPSS 35.7%
Published Jan 27, 200521y ago · Modified Jun 16, 20262w ago
Published Jan 27, 2005 21y ago
Last Modified Jun 16, 2026 2w ago
Description
CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.
Threat Intelligence
EPSS Exploit Probability
35.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 51
| Vendor | Product | Version | Range |
|---|---|---|---|
| easy_software_products | cups | 1.0.4 | any |
| easy_software_products | cups | 1.0.4_8 | any |
| easy_software_products | cups | 1.1.1 | any |
| easy_software_products | cups | 1.1.4 | any |
| easy_software_products | cups | 1.1.4_2 | any |
| easy_software_products | cups | 1.1.4_3 | any |
| easy_software_products | cups | 1.1.4_5 | any |
| easy_software_products | cups | 1.1.6 | any |
| easy_software_products | cups | 1.1.7 | any |
| easy_software_products | cups | 1.1.10 | any |
| easy_software_products | cups | 1.1.12 | any |
| easy_software_products | cups | 1.1.13 | any |
| easy_software_products | cups | 1.1.14 | any |
| easy_software_products | cups | 1.1.15 | any |
| easy_software_products | cups | 1.1.16 | any |
| easy_software_products | cups | 1.1.17 | any |
| easy_software_products | cups | 1.1.18 | any |
| easy_software_products | cups | 1.1.19 | any |
| easy_software_products | cups | 1.1.19_rc5 | any |
| easy_software_products | cups | 1.1.20 | any |
| easy_software_products | cups | 1.1.21 | any |
| apple | mac_os_x | 10.2 | any |
| apple | mac_os_x | 10.2.1 | any |
| apple | mac_os_x | 10.2.2 | any |
| apple | mac_os_x | 10.2.3 | any |
| apple | mac_os_x | 10.2.4 | any |
| apple | mac_os_x | 10.2.5 | any |
| apple | mac_os_x | 10.2.6 | any |
| apple | mac_os_x | 10.2.7 | any |
| apple | mac_os_x | 10.2.8 | any |
| apple | mac_os_x | 10.3 | any |
| apple | mac_os_x | 10.3.1 | any |
| apple | mac_os_x | 10.3.2 | any |
| apple | mac_os_x | 10.3.3 | any |
| apple | mac_os_x | 10.3.4 | any |
| apple | mac_os_x | 10.3.5 | any |
| apple | mac_os_x_server | 10.2 | any |
| apple | mac_os_x_server | 10.2.1 | any |
| apple | mac_os_x_server | 10.2.2 | any |
| apple | mac_os_x_server | 10.2.3 | any |
| apple | mac_os_x_server | 10.2.4 | any |
| apple | mac_os_x_server | 10.2.5 | any |
| apple | mac_os_x_server | 10.2.6 | any |
| apple | mac_os_x_server | 10.2.7 | any |
| apple | mac_os_x_server | 10.2.8 | any |
| apple | mac_os_x_server | 10.3 | any |
| apple | mac_os_x_server | 10.3.1 | any |
| apple | mac_os_x_server | 10.3.2 | any |
| apple | mac_os_x_server | 10.3.3 | any |
| apple | mac_os_x_server | 10.3.4 | any |
| apple | mac_os_x_server | 10.3.5 | any |
References 9
- lists.apple.com http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html
- ciac.org http://www.ciac.org/ciac/bulletins/p-002.shtml
- debian.org http://www.debian.org/security/2004/dsa-566
- kb.cert.org http://www.kb.cert.org/vuls/id/557062
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2004:116
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-543.html
- securityfocus.com http://www.securityfocus.com/bid/11324
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/17593
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10710
Remediation
- redhat.com http://www.redhat.com/support/errata/RHSA-2004-543.html
- securityfocus.com http://www.securityfocus.com/bid/11324