Executive Summary

Informations
Name CVE-2010-4267 First vendor Publication 2011-01-20
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4267

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12140
 
Oval ID: oval:org.mitre.oval:def:12140
Title: DSA-2152-1 hplip -- buffer overflow
Description: Sebastian Krahmer discovered a buffer overflow in the SNMP discovery code of the HP Linux Printing and Imaging System, which could result in the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-2152-1
CVE-2010-4267
 Version: 5
Platform(s): Debian GNU/Linux 5.0
 Product(s): hplip
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13221
 
Oval ID: oval:org.mitre.oval:def:13221
Title: USN-1051-1 -- hplip vulnerability
Description: Sebastian Krahmer discovered that HPLIP incorrectly handled certain long SNMP responses. A remote attacker could send malicious SNMP replies to certain HPLIP tools and cause them to crash or possibly execute arbitrary code.
Family: unix Class: patch
Reference(s): USN-1051-1
CVE-2010-4267
 Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 10.10
Ubuntu 9.10
Ubuntu 10.04
 Product(s): hplip
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21813
 
Oval ID: oval:org.mitre.oval:def:21813
Title: RHSA-2011:0154: hplip security update (Moderate)
Description: Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.
Family: unix Class: patch
Reference(s): RHSA-2011:0154-01
CVE-2010-4267
CESA-2011:0154-CentOS 5
 Version: 6
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): hplip
hplip3
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23302
 
Oval ID: oval:org.mitre.oval:def:23302
Title: ELSA-2011:0154: hplip security update (Moderate)
Description: Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.
Family: unix Class: patch
Reference(s): ELSA-2011:0154-01
CVE-2010-4267
 Version: 6
Platform(s): Oracle Linux 6
 Product(s): hplip
hplip3
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27998
 
Oval ID: oval:org.mitre.oval:def:27998
Title: DEPRECATED: ELSA-2011-0154 -- hplip security update (moderate)
Description: [3.9.8-33:.1] - Applied patch to fix CVE-2010-4267, remote stack overflow vulnerability (bug #662740).
Family: unix Class: patch
Reference(s): ELSA-2011-0154
CVE-2010-4267
 Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
 Product(s): hplip
hplip3
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3

OpenVAS Exploits

Date Description
2012-07-30 Name : CentOS Update for hpijs3 CESA-2011:0154 centos5 x86_64
File : nvt/gb_CESA-2011_0154_hpijs3_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for hpijs CESA-2011:0154 centos5 x86_64
File : nvt/gb_CESA-2011_0154_hpijs_centos5_x86_64.nasl
2012-04-30 Name : Gentoo Security Advisory GLSA 201203-17 (hplip)
File : nvt/glsa_201203_17.nasl
2011-09-12 Name : Fedora Update for hplip FEDORA-2011-11199
File : nvt/gb_fedora_2011_11199_hplip_fc14.nasl
2011-08-09 Name : CentOS Update for hpijs3 CESA-2011:0154 centos5 i386
File : nvt/gb_CESA-2011_0154_hpijs3_centos5_i386.nasl
2011-08-09 Name : CentOS Update for hpijs CESA-2011:0154 centos5 i386
File : nvt/gb_CESA-2011_0154_hpijs_centos5_i386.nasl
2011-03-07 Name : Debian Security Advisory DSA 2152-1 (hplip)
File : nvt/deb_2152_1.nasl
2011-01-31 Name : Fedora Update for hplip FEDORA-2011-0524
File : nvt/gb_fedora_2011_0524_hplip_fc14.nasl
2011-01-31 Name : Fedora Update for hplip FEDORA-2011-0525
File : nvt/gb_fedora_2011_0525_hplip_fc13.nasl
2011-01-31 Name : Ubuntu Update for hplip vulnerability USN-1051-1
File : nvt/gb_ubuntu_USN_1051_1.nasl
2011-01-21 Name : RedHat Update for hplip RHSA-2011:0154-01
File : nvt/gb_RHSA-2011_0154-01_hplip.nasl
2011-01-21 Name : Mandriva Update for hplip MDVSA-2011:013 (hplip)
File : nvt/gb_mandriva_MDVSA_2011_013.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
70498 HP Linux Imaging and Printing (HPLIP) hpmud_get_pml() Function SNMP Response ...

HP Linux Imaging and Printing is prone to an overflow condition. The 'hpmud_get_pml' function in 'io/hpmud/pml.c' fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted SNMP response with a large length value, a remote attacker can potentially execute arbitrary code.

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_hplip-110117.nasl - Type : ACT_GATHER_INFO
2013-08-22 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2013-233-01.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0154.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110117_hplip_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-03-19 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201203-17.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_hplip-110117.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0154.nasl - Type : ACT_GATHER_INFO
2011-01-31 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2152.nasl - Type : ACT_GATHER_INFO
2011-01-28 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-013.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote Fedora host is missing a security update.
File : fedora_2011-0524.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote Fedora host is missing a security update.
File : fedora_2011-0525.nasl - Type : ACT_GATHER_INFO
2011-01-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1051-1.nasl - Type : ACT_GATHER_INFO
2011-01-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_hplip-101222.nasl - Type : ACT_GATHER_INFO
2011-01-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0154.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053472...
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053474...
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://osvdb.org/70498
http://secunia.com/advisories/42939
http://secunia.com/advisories/42956
http://secunia.com/advisories/43022
http://secunia.com/advisories/43068
http://secunia.com/advisories/43083
http://secunia.com/advisories/43102
http://secunia.com/advisories/48441
http://security.gentoo.org/glsa/glsa-201203-17.xml
http://www.debian.org/security/2011/dsa-2152
http://www.mandriva.com/security/advisories?name=MDVSA-2011:013
http://www.redhat.com/support/errata/RHSA-2011-0154.html
http://www.securityfocus.com/bid/45833
http://www.securitytracker.com/id?1024967
http://www.ubuntu.com/usn/USN-1051-1
http://www.vupen.com/english/advisories/2011/0136
http://www.vupen.com/english/advisories/2011/0160
http://www.vupen.com/english/advisories/2011/0211
http://www.vupen.com/english/advisories/2011/0212
http://www.vupen.com/english/advisories/2011/0228
http://www.vupen.com/english/advisories/2011/0243
https://bugzilla.redhat.com/attachment.cgi?id=468455&action=diff
https://bugzilla.redhat.com/show_bug.cgi?id=662740
https://exchange.xforce.ibmcloud.com/vulnerabilities/64738
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
Date Informations
2024-11-28 23:06:20
  • Multiple Updates
2024-11-28 12:23:36
  • Multiple Updates
2021-05-04 12:12:32
  • Multiple Updates
2021-04-22 01:13:27
  • Multiple Updates
2020-05-23 00:26:56
  • Multiple Updates
2017-08-17 09:23:09
  • Multiple Updates
2016-06-28 18:22:44
  • Multiple Updates
2016-04-26 20:14:28
  • Multiple Updates
2014-06-14 13:29:47
  • Multiple Updates
2014-02-17 10:58:39
  • Multiple Updates
2014-02-12 13:22:01
  • Multiple Updates
2013-05-10 23:37:09
  • Multiple Updates