Lucene search

[email protected]CVE-2008-1033

HistoryJun 02, 2008 - 9:30 p.m.

CVE-2008-1033

2008-06-0221:30:00

CWE-264

[email protected]

web.nvd.nist.gov

cups

apple

mac os x

vulnerability

cve-2008-1033

information security

authentication

logging

nvd

2.1 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:N/A:N

5.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.0%

JSON

The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to “authentication environment variables.”

Affected configurations

NVD

Node

applemac_os_x

applemac_os_x_serverMatch10.5

applemac_os_x_serverMatch10.5.1

applemac_os_x_serverMatch10.5.2

AND

applecups

CPENameOperatorVersion
apple:cupsapple cupseq*

CPE	Name	Operator	Version
apple:cups	apple cups	eq	*

References

lists.apple.com/archives/security-announce/2008//May/msg00001.html

secunia.com/advisories/30430

securitytracker.com/id?1020145

www.securityfocus.com/bid/29412

www.securityfocus.com/bid/29484

www.us-cert.gov/cas/techalerts/TA08-150A.html

www.vupen.com/english/advisories/2008/1697

exchange.xforce.ibmcloud.com/vulnerabilities/42713

2.1 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:N/A:N

5.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.0%

JSON

Related for CVE-2008-1033

cvelist1 nvd1 debiancve1 prion1 securityvulns2 seebug1 nessus2 openvas2