CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
95.1%
CentOS Errata and Security Advisory CESA-2011:0154
Hewlett-Packard Linux Imaging and Printing (HPLIP) provides drivers for
Hewlett-Packard printers and multifunction peripherals, and tools for
installing, using, and configuring them.
A flaw was found in the way certain HPLIP tools discovered devices using
the SNMP protocol. If a user ran certain HPLIP tools that search for
supported devices using SNMP, and a malicious user is able to send
specially-crafted SNMP responses, it could cause those HPLIP tools to crash
or, possibly, execute arbitrary code with the privileges of the user
running them. (CVE-2010-4267)
Red Hat would like to thank Sebastian Krahmer of the SuSE Security Team for
reporting this issue.
Users of hplip should upgrade to these updated packages, which contain a
backported patch to correct this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-April/079504.html
https://lists.centos.org/pipermail/centos-announce/2011-April/079505.html
https://lists.centos.org/pipermail/centos-announce/2011-April/079506.html
https://lists.centos.org/pipermail/centos-announce/2011-April/079507.html
Affected packages:
hpijs
hpijs3
hplip
hplip3
hplip3-common
hplip3-gui
hplip3-libs
libsane-hpaio
libsane-hpaio3
Upstream details at:
https://access.redhat.com/errata/RHSA-2011:0154
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i386 | hpijs | < 1.6.7-6.el5_6.1 | hpijs-1.6.7-6.el5_6.1.i386.rpm |
CentOS | 5 | i386 | hplip | < 1.6.7-6.el5_6.1 | hplip-1.6.7-6.el5_6.1.i386.rpm |
CentOS | 5 | i386 | libsane-hpaio | < 1.6.7-6.el5_6.1 | libsane-hpaio-1.6.7-6.el5_6.1.i386.rpm |
CentOS | 5 | x86_64 | hpijs | < 1.6.7-6.el5_6.1 | hpijs-1.6.7-6.el5_6.1.x86_64.rpm |
CentOS | 5 | x86_64 | hplip | < 1.6.7-6.el5_6.1 | hplip-1.6.7-6.el5_6.1.x86_64.rpm |
CentOS | 5 | x86_64 | libsane-hpaio | < 1.6.7-6.el5_6.1 | libsane-hpaio-1.6.7-6.el5_6.1.x86_64.rpm |
CentOS | 5 | i386 | hpijs3 | < 3.9.8-11.el5_6.1 | hpijs3-3.9.8-11.el5_6.1.i386.rpm |
CentOS | 5 | i386 | hplip3 | < 3.9.8-11.el5_6.1 | hplip3-3.9.8-11.el5_6.1.i386.rpm |
CentOS | 5 | i386 | hplip3-common | < 3.9.8-11.el5_6.1 | hplip3-common-3.9.8-11.el5_6.1.i386.rpm |
CentOS | 5 | i386 | hplip3-gui | < 3.9.8-11.el5_6.1 | hplip3-gui-3.9.8-11.el5_6.1.i386.rpm |