Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_11_4_HPLIP-110812.NASL
HistoryJun 13, 2014 - 12:00 a.m.

openSUSE Security Update : hplip (openSUSE-SU-2011:0950-1)

2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.7%

JSON

This update of hplip fixes :

  • CVE-2004-0801: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P): This patch originally affected foomatic-rip in CUPS but was found to be in foomatic-rip-hplip too.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update hplip-4987.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(75861);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2004-0801");

  script_name(english:"openSUSE Security Update : hplip (openSUSE-SU-2011:0950-1)");
  script_summary(english:"Check for the hplip-4987 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of hplip fixes :

  - CVE-2004-0801: CVSS v2 Base Score: 7.5
    (AV:N/AC:L/Au:N/C:P/I:P/A:P): This patch originally
    affected foomatic-rip in CUPS but was found to be in
    foomatic-rip-hplip too."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=59233"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2011-08/msg00036.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected hplip packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:hplip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:hplip-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:hplip-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:hplip-hpijs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:hplip-hpijs-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/08/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.4", reference:"hplip-3.11.5-1.5.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"hplip-debuginfo-3.11.5-1.5.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"hplip-debugsource-3.11.5-1.5.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"hplip-hpijs-3.11.5-1.5.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"hplip-hpijs-debuginfo-3.11.5-1.5.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "hplip");
}
VendorProductVersionCPE
novellopensusehplipp-cpe:/a:novell:opensuse:hplip
novellopensusehplip-debuginfop-cpe:/a:novell:opensuse:hplip-debuginfo
novellopensusehplip-debugsourcep-cpe:/a:novell:opensuse:hplip-debugsource
novellopensusehplip-hpijsp-cpe:/a:novell:opensuse:hplip-hpijs
novellopensusehplip-hpijs-debuginfop-cpe:/a:novell:opensuse:hplip-hpijs-debuginfo
novellopensuse11.4cpe:/o:novell:opensuse:11.4

Related

nessus 8
debiancve 1
securityvulns 1
cve 1
gentoo 1
openvas 4
suse 2
cvelist 1
nvd 1
ubuntucve 1
nessus
nessus
openSUSE 10 Security Update : foomatic-filters (foomatic-filters-1436)
2007-10-17 00:00:00
Fedora Core 2 : foomatic-3.0.1-3.1 (2004-303)
2004-09-22 00:00:00
Mandrake Linux Security Advisory : printer-drivers (MDKSA-2004:094)
2004-09-16 00:00:00
debiancve
debiancve
CVE-2004-0801
2004-09-24 04:00:00
securityvulns
securityvulns
MDKSA-2004:094 - Updated printer-drivers packages fix vulnerability in foomatic
2004-09-16 00:00:00
cve
cve
CVE-2004-0801
2004-09-24 04:00:00
gentoo
gentoo
Foomatic: Arbitrary command execution in foomatic-rip filter
2004-09-20 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200409-24 (foomatic)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200409-24 (foomatic)
2008-09-24 00:00:00
SLES9: Security update for CUPS
2009-10-10 00:00:00
suse
suse
remote code execution in foomatic-filters
2006-05-30 12:43:36
remote code execution in cups
2004-09-15 14:45:26
cvelist
cvelist
CVE-2004-0801
2004-09-24 04:00:00
nvd
nvd
CVE-2004-0801
2004-09-16 04:00:00
ubuntucve
ubuntucve
CVE-2004-0801
2004-09-16 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.7%

JSON
Related for SUSE_11_4_HPLIP-110812.NASL
nessus8debiancve1securityvulns1cve1gentoo1openvas4suse2cvelist1nvd1ubuntucve1