1. Gentoo Linux Security Advisory
| Advisory Reference | GLSA 200410-06 / cups |
| Release Date | October 09, 2004 |
| Latest Revision | October 09, 2004: 01 |
| Impact | normal |
| Exploitable | local |
| Package | Vulnerable versions | Unaffected versions | Architecture(s) |
| net-print/cups | <= 1.1.20-r2, = 1.1.21 | revision >= 1.1.20-r3, >= 1.1.21-r1 | All supported architectures |
Related bugreports: #66501
CUPS leaks information about user names and passwords when using remote printing to SMB-shared printers which require authentication.
The Common UNIX Printing System (CUPS) is a cross-platform print spooler.
When printing to a SMB-shared printer requiring authentication, CUPS leaks the user name and password to a logfile.
A local user could gain knowledge of sensitive authentication data.
There is no known workaround at this time.
All CUPS users should upgrade to the latest version:
Code Listing 3.1: Resolution |
# emerge sync # emerge -pv ">=net-print/cups-1.1.20-r3" # emerge ">=net-print/cups-1.1.20-r3" |