107 matches found
CVE-2012-6108
HP Linux Imaging and Printing HPLIP before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operations...
CVE-2013-6402
base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file...
CVE-2013-6402
base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file...
DEBIAN-CVE-2013-6402
base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file...
CVE-2013-6402
base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file...
DSA-2829-1 hplip - several
Bulletin has no description...
Debian Security Advisory DSA 2829-1 (hplip - several vulnerabilities)
Multiple vulnerabilities have been found in the HP Linux Printing and Imaging System: Insecure temporary files, insufficient permission checks in PackageKit and the insecure hp-upgrade service has been disabled. OpenVAS Vulnerability Test $Id: deb2829.nasl 6611 2017-07-07 12:07:20Z cfischer $...
CVE-2013-6427
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing HPLIP 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream...
CVE-2013-6427
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing HPLIP 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream...
CVE-2013-6427
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing HPLIP 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream...
CVE-2013-6427
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing HPLIP 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream...
CVE-2013-4325
The checkpermissionv1 function in base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race conditio...
CVE-2013-4325
The checkpermissionv1 function in base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race conditio...
Design/Logic Flaw
HP Linux Imaging and Printing HPLIP through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/hpcupsfilterc.bmp, 2 /tmp/hpcupsfilterk.bmp, 3 /tmp/hpcupsjob.out, 4 /tmp/hpijs.out, or 5 /tmp/hppsjob.out temporary file, a different vulnerability than...
CVE-2013-0200
HP Linux Imaging and Printing HPLIP through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/hpcupsfilterc.bmp, 2 /tmp/hpcupsfilterk.bmp, 3 /tmp/hpcupsjob.out, 4 /tmp/hpijs.out, or 5 /tmp/hppsjob.out temporary file, a different vulnerability than...
CVE-2013-0200
HP Linux Imaging and Printing HPLIP through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/hpcupsfilterc.bmp, 2 /tmp/hpcupsfilterk.bmp, 3 /tmp/hpcupsjob.out, 4 /tmp/hpijs.out, or 5 /tmp/hppsjob.out temporary file, a different vulnerability than...
CVE-2013-0200
HP Linux Imaging and Printing HPLIP through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the 1 /tmp/hpcupsfilterc.bmp, 2 /tmp/hpcupsfilterk.bmp, 3 /tmp/hpcupsjob.out, 4 /tmp/hpijs.out, or 5 /tmp/hppsjob.out temporary file, a different vulnerability than...
hplip: insecure temporary file handling
The senddatatostdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing HPLIP 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file...
CVE-2011-2722
The senddatatostdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing HPLIP 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file...
CVE-2011-2722
The senddatatostdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing HPLIP 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file...