Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.870929
Kategorie:Red Hat Local Security Checks
Titel:RedHat Update for hplip RHSA-2013:0500-02
Zusammenfassung:The remote host is missing an update for the 'hplip'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'hplip'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The hplip packages contain the Hewlett-Packard Linux Imaging and Printing
Project (HPLIP), which provides drivers for Hewlett-Packard printers and
multi-function peripherals.

Several temporary file handling flaws were found in HPLIP. A local attacker
could use these flaws to perform a symbolic link attack, overwriting
arbitrary files accessible to a process using HPLIP. (CVE-2013-0200,
CVE-2011-2722)

The CVE-2013-0200 issues were discovered by Tim Waugh of Red Hat.

The hplip packages have been upgraded to upstream version 3.12.4, which
provides a number of bug fixes and enhancements over the previous version.
(BZ#731900)

This update also fixes the following bugs:

* Previously, the hpijs package required the obsolete cupsddk-drivers
package, which was provided by the cups package. Under certain
circumstances, this dependency caused hpijs installation to fail. This
bug has been fixed and hpijs no longer requires cupsddk-drivers.
(BZ#829453)

* The configuration of the Scanner Access Now Easy (SANE) back end is
located in the /etc/sane.d/dll.d/ directory, however, the hp-check
utility checked only the /etc/sane.d/dll.conf file. Consequently,
hp-check checked for correct installation, but incorrectly reported a
problem with the way the SANE back end was installed. With this update,
hp-check properly checks for installation problems in both locations as
expected. (BZ#683007)

All users of hplip are advised to upgrade to these updated packages, which
fix these issues and add these enhancements.

Affected Software/OS:
hplip on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
1.9

CVSS Vector:
AV:L/AC:M/Au:N/C:N/I:P/A:N

Querverweis: BugTraq ID: 48892
BugTraq ID: 58079
Common Vulnerability Exposure (CVE) ID: CVE-2011-2722
http://security.gentoo.org/glsa/glsa-201203-17.xml
http://www.openwall.com/lists/oss-security/2011/07/26/14
RedHat Security Advisories: RHSA-2013:0133
http://rhn.redhat.com/errata/RHSA-2013-0133.html
http://secunia.com/advisories/48441
http://secunia.com/advisories/55083
http://www.ubuntu.com/usn/USN-1981-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-0200
Debian Security Information: DSA-2829 (Google Search)
http://www.debian.org/security/2013/dsa-2829
http://www.mandriva.com/security/advisories?name=MDVSA-2013:088
http://hplipopensource.com/hplip-web/release_notes.html
CopyrightCopyright (c) 2013 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.