CVE-2004-0923
CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.
Date published : 2004-10-26
http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html