Executive Summary
Summary | |
---|---|
Title | HPLIP: Privilege escalation |
Informations | |||
---|---|---|---|
Name | GLSA-200710-26 | First vendor Publication | 2007-10-24 |
Vendor | Gentoo | Last vendor Modification | 2007-10-24 |
Severity (Vendor) | High | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.6 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis The hpssd daemon might allow local attackers to execute arbitrary commands with root privileges. Background Description Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-200710-26.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-200710-26.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10692 | |||
Oval ID: | oval:org.mitre.oval:def:10692 | ||
Title: | hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail. | ||
Description: | hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5208 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17730 | |||
Oval ID: | oval:org.mitre.oval:def:17730 | ||
Title: | USN-530-1 -- hplip vulnerability | ||
Description: | It was discovered that the hpssd tool of hplip did not correctly handle shell meta-characters. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-530-1 CVE-2007-5208 | Version: | 7 |
Platform(s): | Ubuntu 6.10 Ubuntu 7.04 | Product(s): | hplip |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20308 | |||
Oval ID: | oval:org.mitre.oval:def:20308 | ||
Title: | DSA-1462-1 hplip - missing input sanitising | ||
Description: | Kees Cook discovered that the hpssd tool of the HP Linux Printing and Imaging System (HPLIP) performs insufficient input sanitising of shell meta characters, which may result in local privilege escalation to the hplip user. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1462-1 CVE-2007-5208 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | hplip |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21722 | |||
Oval ID: | oval:org.mitre.oval:def:21722 | ||
Title: | ELSA-2007:0960: hplip security update (Important) | ||
Description: | hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0960-01 CVE-2007-5208 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | hplip |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8070 | |||
Oval ID: | oval:org.mitre.oval:def:8070 | ||
Title: | DSA-1462 hplip -- missing input sanitising | ||
Description: | Kees Cook discovered that the hpssd tool of the HP Linux Printing and Imaging System (HPLIP) performs insufficient input sanitising of shell meta characters, which may result in local privilege escalation to the hplip user. The old stable distribution (sarge) is not affected by this problem. For the stable distribution (etch), this problem has been fixed in version 1.6.10-3etch1. For the unstable distribution (sid), this problem has been fixed in version 1.6.10-4.3. We recommend that you upgrade your hplip packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1462 CVE-2007-5208 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | hplip |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : SLES10: Security update for hplip17 and hplip17-hpijs File : nvt/sles10_hplip17.nasl |
2009-04-09 | Name : Mandriva Update for hplip MDKSA-2007:201 (hplip) File : nvt/gb_mandriva_MDKSA_2007_201.nasl |
2009-03-23 | Name : Ubuntu Update for hplip vulnerability USN-530-1 File : nvt/gb_ubuntu_USN_530_1.nasl |
2009-02-27 | Name : Fedora Update for hplip FEDORA-2007-2527 File : nvt/gb_fedora_2007_2527_hplip_fc7.nasl |
2009-02-27 | Name : Fedora Update for hplip FEDORA-2007-724 File : nvt/gb_fedora_2007_724_hplip_fc6.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200710-26 (hplip) File : nvt/glsa_200710_26.nasl |
2008-01-31 | Name : Debian Security Advisory DSA 1462-1 (hplip) File : nvt/deb_1462_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
41693 | Hewlett-Packard Linux Imaging and Printing Project (hplip) hpssd from Address... hplip contains a flaw that may allow an attacker to execute arbitrary code. The issue is triggered when sendmail is invoked to process an email with a malformed From address. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | HP Linux Imaging and Printing Project hpssd daemon command injection attempt RuleID : 26108 - Revision : 4 - Type : SERVER-OTHER |
2014-01-10 | HP Linux Imaging and Printing Project hpssd daemon command injection attempt RuleID : 26107 - Revision : 4 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0960.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071011_hplip_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0960.nasl - Type : ACT_GATHER_INFO |
2008-01-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1462.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_hplip17-4507.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-530-1.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2527.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200710-26.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-201.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_hplip-4516.nasl - Type : ACT_GATHER_INFO |
2007-10-15 | Name : The remote service allows for arbitrary command execution. File : hpssd_from_address_cmd_exec.nasl - Type : ACT_ATTACK |
2007-10-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0960.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:35:14 |
|