Lucene search

PRIOn knowledge basePRION:CVE-2008-2940

HistoryAug 14, 2008 - 8:41 p.m.

Information disclosure

2008-08-1420:41:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.3%

JSON

The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setalerts message, and lack of validation of the device URI associated with an event message.

CPENameOperatorVersion
linux_imaging_and_printing_projecteq1.6.7

CPE	Name	Operator	Version
	linux_imaging_and_printing_project	eq	1.6.7

References

lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html

secunia.com/advisories/31470

secunia.com/advisories/31499

secunia.com/advisories/32316

secunia.com/advisories/32792

securitytracker.com/id?1020684

www.mandriva.com/security/advisories?name=MDVSA-2008:169

www.redhat.com/support/errata/RHSA-2008-0818.html

www.securityfocus.com/bid/30683

www.ubuntu.com/usn/USN-674-1

www.ubuntu.com/usn/USN-674-2

bugzilla.redhat.com/show_bug.cgi?id=455235

exchange.xforce.ibmcloud.com/vulnerabilities/44441

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10136

6.4 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.3%

JSON

Related for PRION:CVE-2008-2940