Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.11 views

RHEL 6 : hplip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - hplip: hp-plugin verified binary download with short key ID CVE-2015-0839 Note that Nessus has not tested for this...

8.1CVSS8.1AI score0.06296EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.13 views

Debian: Security Advisory (DLA-775-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.06296EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:22 a.m.4 views

SUSE CVE-2015-0839

The hp-plugin utility in HP Linux Imaging and Printing HPLIP makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads...

8.1CVSS7.7AI score0.06296EPSS
Exploits0References3
NVD
NVD
added 2017/08/02 7:29 p.m.11 views

CVE-2015-0839

The hp-plugin utility in HP Linux Imaging and Printing HPLIP makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads...

8.1CVSS8.1AI score0.06296EPSS
Exploits0References7
Cvelist
Cvelist
added 2017/08/02 7:0 p.m.18 views

CVE-2015-0839

The hp-plugin utility in HP Linux Imaging and Printing HPLIP makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads...

8.1AI score0.06296EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2017/08/02 7:0 p.m.22 views

CVE-2015-0839

The hp-plugin utility in HP Linux Imaging and Printing HPLIP makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads...

8.1CVSS8.2AI score0.06296EPSS
Exploits0
CVE
CVE
added 2017/08/02 7:0 p.m.72 views

CVE-2015-0839

The CVE-2015-0839 issue affects the hp-plugin download verification in HP Linux Imaging and Printing (HPLIP). Root cause: verification uses a short GPG key ID from a keyserver, enabling MITM attackers to potentially drive arbitrary code execution during print plugin downloads. Impact: network-exp...

8.1CVSS8AI score0.06296EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/01/03 12:0 a.m.28 views

Debian DLA-775-1 : hplip security update

CVE-2015-0839 The hplip plugin download function verifies the driver using a short-key. This is not secure because it is trivial to generate keys with arbitrary key IDs. For Debian 7 'Wheezy', these problems have been fixed in version 3.12.6-3.1+deb7u2. We recommend that you upgrade your hplip...

8.1CVSS7.8AI score0.06296EPSS
Exploits0References3
Debian
Debian
added 2017/01/01 11:9 p.m.19 views

[SECURITY] [DLA 775-1] hplip security update

Package : hplip Version : 3.12.6-3.1+deb7u2 CVE ID : CVE-2015-0839 Debian Bug : 787353 CVE-2015-0839 The hplip plugin download function verifies the driver using a short-key. This is not secure because it is trivial to generate keys with arbitrary key IDs. For Debian 7 "Wheezy", these problems ha...

8.1CVSS8.4AI score0.06296EPSS
Exploits0
Mageia
Mageia
added 2015/09/08 7:20 a.m.22 views

Updated hplip packages fix CVE-2015-0839

Updated hplip packages fix security vulnerability: It was reported that the hp-plugin utility, included in the hplip package, downloads a binary driver and verifies it via a key specified by the key's short ID. A man-in-the-middle attacker could use this flaw to generate a key with the expected...

8.1CVSS7.6AI score0.06296EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/07/31 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-2699-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.1AI score0.06296EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/07/29 12:0 a.m.15 views

Fedora 22 : hplip-3.15.7-1.fc22 (2015-11723)

New upstream bug-fix release, which fixes CVE-2015-0839 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

8.1CVSS7.5AI score0.06296EPSS
Exploits0References3
Rows per page
Query Builder