The host is running CUPS and is prone to Information disclosure vulnerability.
Successful exploitation will allow attackers to obtain sensitive information from cupsd process memory via a crafted request. Impact Level: Application
Upgrade to CUPS version 1.4.4 or later, For updates refer to http://www.cups.org/software.php
This flaw is due to an error in 'cgi_initialize_string' function in 'cgi-bin/var.c' which mishandles input parameters containing the '%' character.
CUPS version 1.4.3 and prior.
- Check for IIS .cnf file leakage
- Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability
- CA ARCserver D2D GWT RPC Request Multiple Vulnerabilities
- Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability
- Lil' HTTP Server Cross Site Scripting Vulnerability