Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2008:0818
HistoryAug 15, 2008 - 11:09 a.m.

postfix security update

2008-08-1511:09:32
CentOS Project
lists.centos.org
46

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.5%

JSON

CentOS Errata and Security Advisory CESA-2008:0818

The hplip (Hewlett-Packard Linux Imaging and Printing) packages provide
drivers for Hewlett-Packard printers and multifunction peripherals.

A flaw was discovered in the hplip alert-mailing functionality. A local
attacker could elevate their privileges by using specially-crafted packets
to trigger alert mails, which are sent by the root account. (CVE-2008-2940)

A flaw was discovered in the hpssd message parser. By sending
specially-crafted packets, a local attacker could cause a denial of
service, stopping the hpssd process. (CVE-2008-2941)

Users of hplip should upgrade to these updated packages, which contain
backported patches to correct these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-August/077351.html
https://lists.centos.org/pipermail/centos-announce/2008-August/077352.html
https://lists.centos.org/pipermail/centos-announce/2008-August/090106.html
https://lists.centos.org/pipermail/centos-announce/2008-August/090107.html

Affected packages:
postfix
postfix-pflogsumm

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0818

Related

nessus 10
openvas 13
freebsd 1
securityvulns 2
ubuntu 2
redhat 1
oraclelinux 1
cve 2
debiancve 2
prion 2
ubuntucve 2
nessus
nessus
openSUSE 10 Security Update : hplip (hplip-5552)
2008-10-16 00:00:00
Mandriva Linux Security Advisory : hplip (MDVSA-2008:169)
2009-04-23 00:00:00
Ubuntu 7.10 : hplip vulnerabilities (USN-674-2)
2009-04-23 00:00:00
openvas
openvas
SLES10: Security update for hplip
2009-10-13 00:00:00
Ubuntu: Security Advisory (USN-674-2)
2009-03-23 00:00:00
FreeBSD Ports: hplip
2008-12-03 00:00:00
freebsd
freebsd
hplip -- hpssd Denial of Service
2008-08-14 00:00:00
securityvulns
securityvulns
[USN-674-1] HPLIP vulnerabilities
2008-11-21 00:00:00
HPLIP DoS
2008-11-21 00:00:00
ubuntu
ubuntu
HPLIP vulnerabilities
2008-11-24 00:00:00
HPLIP vulnerabilities
2008-11-19 00:00:00
redhat
redhat
(RHSA-2008:0818) Moderate: hplip security update
2008-08-12 00:00:00
oraclelinux
oraclelinux
hplip security update
2008-08-12 00:00:00
cve
cve
CVE-2008-2941
2008-08-14 20:41:00
CVE-2008-2940
2008-08-14 20:41:00
debiancve
debiancve
CVE-2008-2941
2008-08-14 20:41:00
CVE-2008-2940
2008-08-14 20:41:00
prion
prion
Code injection
2008-08-14 20:41:00
Information disclosure
2008-08-14 20:41:00
ubuntucve
ubuntucve
CVE-2008-2941
2008-08-14 00:00:00
CVE-2008-2940
2008-08-14 00:00:00

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.5%

JSON
Related for CESA-2008:0818
nessus10openvas13freebsd1securityvulns2ubuntu2redhat1oraclelinux1cve2debiancve2prion2ubuntucve2