CVE-2007-5208

hplip - 'hpssd.py' From Address Arbitrary Command Execution

Severity Score

7.6

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.

hpssd en Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x y 2.x anterior a 2.7.10 permite a atacantes remotos dependientes de contexto ejecutar comandos de su elección mediante metacaracteres de shell en una dirección from, los cuales no son manejados adecuadamente al invocar a sendmail.

*Credits: N/A

CVSS Scores

NISTv2 7.6

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-10-04 CVE Reserved
2007-10-13 CVE Published
2010-10-09 First Exploit
2024-08-07 CVE Updated
2024-09-23 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-20: Improper Input Validation
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CAPEC

References (26)

URL	Tag	Source
http://bugs.gentoo.org/show_bug.cgi?id=195565	X_refsource_confirm
http://qa.mandriva.com/show_bug.cgi?id=30719	X_refsource_confirm
http://secunia.com/advisories/27202	Third Party Advisory
http://secunia.com/advisories/27221	Third Party Advisory
http://secunia.com/advisories/27224	Third Party Advisory
http://secunia.com/advisories/27232	Third Party Advisory
http://secunia.com/advisories/27271	Third Party Advisory
http://secunia.com/advisories/27332	Third Party Advisory
http://secunia.com/advisories/27397	Third Party Advisory
http://secunia.com/advisories/28453	Third Party Advisory
http://www.securityfocus.com/bid/26054	Vdb Entry
http://www.securitytracker.com/id?1018806	Vdb Entry
http://www.vupen.com/english/advisories/2007/3479	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/37183	Vdb Entry
https://launchpad.net/bugs/149121	X_refsource_misc
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10692	Signature

URL	Date	SRC
https://www.exploit-db.com/exploits/16837	2010-10-09

URL	Date	SRC
http://www.redhat.com/support/errata/RHSA-2007-0960.html	2018-10-03

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html	2018-10-03
http://security.gentoo.org/glsa/glsa-200710-26.xml	2018-10-03
http://www.debian.org/security/2008/dsa-1462	2018-10-03
http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:201	2018-10-03
https://bugzilla.redhat.com/show_bug.cgi?id=319921	2007-10-11
https://usn.ubuntu.com/530-1	2018-10-03
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00200.html	2018-10-03
https://access.redhat.com/security/cve/CVE-2007-5208	2007-10-11

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Hp Search vendor "Hp"		Linux Imaging And Printing Project Search vendor "Hp" for product "Linux Imaging And Printing Project"				<= 2.7.10 Search vendor "Hp" for product "Linux Imaging And Printing Project" and version " <= 2.7.10"		-		Affected
Hp Search vendor "Hp"		Linux Imaging And Printing Project Search vendor "Hp" for product "Linux Imaging And Printing Project"				1.0 Search vendor "Hp" for product "Linux Imaging And Printing Project" and version "1.0"		-		Affected