2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.1%
HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable
permissions for /var/log/hp and /var/log/hp/tmp, which allows local users
to delete log files via standard filesystem operations.
Author | Note |
---|---|
jdstrand | Ubuntu 8.04 LTS - 11.10 does not ship /var/log/hp 12.04 LTS - 13.04 not affected (0755 root:root) Debian’s hplip 3.12.6-3 not-affected |