LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

hplip: arbitrary code execution

Package(s):hplip CVE #(s):CVE-2010-4267
Created:January 18, 2011 Updated:March 16, 2012
Description: From the Red Hat advisory:

A flaw was found in the way certain HPLIP tools discovered devices using the SNMP protocol. If a user ran certain HPLIP tools that search for supported devices using SNMP, and a malicious user is able to send specially-crafted SNMP responses, it could cause those HPLIP tools to crash or, possibly, execute arbitrary code with the privileges of the user running them.

Alerts:
CentOS CESA-2011:0154 2011-04-14
CentOS CESA-2011:0154 2011-04-14
SUSE SUSE-SR:2011:005 2011-04-01
Pardus 2011-33 2011-02-12
Debian DSA-2152-1 2011-01-27
Fedora FEDORA-2011-0524 2011-01-18
Fedora FEDORA-2011-0525 2011-01-18
Ubuntu USN-1051-1 2011-01-25
openSUSE openSUSE-SU-2011:0068-1 2011-01-21
Mandriva MDVSA-2011:013 2011-01-19
Red Hat RHSA-2011:0154-01 2011-01-17
SUSE SUSE-SR:2011:002 2011-01-25
Gentoo 201203-17 2012-03-16
Oracle ELSA-2013-0133 2013-01-12
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds