
CVSS: 1.9 | EPSS: 0% | CPEs: 16 | EXPL: 0

The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.

References:
http://hplipopensource.com/hplip-web/release_notes.html
http://rhn.redhat.com/errata/RHSA-2013-0133.html
http://secunia.com/advisories/48441
http://secunia.com/advisories/55083
http://security.gentoo.org/glsa/glsa-201203-17.xml
http://www.openwall.com/lists/oss-security/2011/07/26/14
http://www.ubuntu.com/usn/USN-1981-1
https://bugs.launchpad.net/hplip/+bug/809904
https://bugzilla.novell.com/show_bug.cgi?id=704608
https://bugzilla.redhat.com/attachment.cgi?id&#

CWE-59: Improper Link Resolution Before File Access ('Link Following')
CWE-377: Insecure Temporary File

CVSS: 6.8 | EPSS: 4% | CPEs: 1 | EXPL: 5

foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file.

References:
http://security.gentoo.org/glsa/glsa-201203-07.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2011:125
http://www.openwall.com/lists/oss-security/2011/07/13/3
http://www.openwall.com/lists/oss-security/2011/07/18/3
http://www.openwall.com/lists/oss-security/2011/07/28/1
http://www.ubuntu.com/usn/USN-1194-1
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
https://bugzilla.novell.com/show_bug.cgi&

CWE-20: Improper Input Validation

CVSS: 7.5 | EPSS: 11% | CPEs: 3 | EXPL: 0

Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.

References:
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053472.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053474.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://osvdb.org/70498
http://secunia.com/advisories/42939
http://secunia.com/advisories/42956
http://secunia.com/advisories/43022
http://secunia.com/advisories/43068
http://secunia.

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 4.9 | EPSS: 0% | CPEs: 1 | EXPL: 0

The hpssd message parser in hpssd.py in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to cause a denial of service (process stop) via a crafted packet, as demonstrated by sending "msg=0" to TCP port 2207.

References:
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html
http://secunia.com/advisories/31470
http://secunia.com/advisories/31499
http://secunia.com/advisories/32316
http://secunia.com/advisories/32792
http://securitytracker.com/id?1020683
http://www.mandriva.com/security/advisories?name=MDVSA-2008:169
http://www.redhat.com/support/errata/RHSA-2008-0818.html
http://www.securityfocus.com/bid/30683
http://www.ubuntu.com/usn/USN-674-1
http://www.ubuntu.com&#x

CWE-20: Improper Input Validation

CVSS: 7.2 | EPSS: 0% | CPEs: 1 | EXPL: 0

The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setalerts message, and lack of validation of the device URI associated with an event message.

References:
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html
http://secunia.com/advisories/31470
http://secunia.com/advisories/31499
http://secunia.com/advisories/32316
http://secunia.com/advisories/32792
http://securitytracker.com/id?1020684
http://www.mandriva.com/security/advisories?name=MDVSA-2008:169
http://www.redhat.com/support/errata/RHSA-2008-0818.html
http://www.securityfocus.com/bid/30683
http://www.ubuntu.com/usn/USN-674-1
http://www.ubuntu.com&#x

CWE-264: Permissions, Privileges, and Access Controls