Lucene search

Ubuntu.comUB:CVE-2013-6427

HistoryDec 09, 2013 - 12:00 a.m.

CVE-2013-6427

2013-12-0900:00:00

ubuntu.com

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

77.3%

JSON

upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing
(HPLIP) 3.x through 3.13.11 launches a program from an http URL, which
allows man-in-the-middle attackers to execute arbitrary code by gaining
control over the client-server data stream.

Bugs

Notes

Author	Note
mdeslaur	Precise and earlier don’t have the upgrade.py file. In Quantal, Raring, Saucy and Trusty, upgrade.py actually bails out because the specific ubuntu version isn’t marked as “supported” in distros.dat, so even if this script is run as root, it doesn’t do anything, thankfully.

OSVersionArchitecturePackageVersionFilename
ubuntu12.10noarchhplip< 3.12.6-3ubuntu4.3UNKNOWN
ubuntu13.10noarchhplip< 3.13.9-1ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	12.10	noarch	hplip	< 3.12.6-3ubuntu4.3	UNKNOWN
ubuntu	13.10	noarch	hplip	< 3.13.9-1ubuntu0.1	UNKNOWN

References

www.openwall.com/lists/oss-security/2013/12/05/2

launchpad.net/bugs/cve/CVE-2013-6427

nvd.nist.gov/vuln/detail/CVE-2013-6427

security-tracker.debian.org/tracker/CVE-2013-6427

ubuntu.com/security/notices/USN-2085-1

www.cve.org/CVERecord?id=CVE-2013-6427

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

77.3%

JSON

Related for UB:CVE-2013-6427