Scientific Linux: CVE-2010-4267 Moderate: hplip Security Flaw in SNMP

Jan 19, 2011 •

LinuxSecurity Advisories

1 - 2 min read

Scientific Large Esm H500

Topics Covered

security advisory moderate update issue hplip SNMP Scientific Linux

Moderate: hplip security update

Date: Wed, 19 Jan 2011 13:14:29 -0600
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux

From: Troy Dawson 
Subject: Security ERRATA Moderate: hplip on SL5.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."

Synopsis:	Moderate: hplip security update
Issue date:	2011-01-17
CVE Names:	CVE-2010-4267

A flaw was found in the way certain HPLIP tools discovered devices using
the SNMP protocol. If a user ran certain HPLIP tools that search for
supported devices using SNMP, and a malicious user is able to send
specially-crafted SNMP responses, it could cause those HPLIP tools to
crash or, possibly, execute arbitrary code with the privileges of the
user running them. (CVE-2010-4267)

SL 5.x

 SRPMS:
hplip-1.6.7-6.el5_6.1.src.rpm
 i386:
hpijs-1.6.7-6.el5_6.1.i386.rpm
hplip-1.6.7-6.el5_6.1.i386.rpm
libsane-hpaio-1.6.7-6.el5_6.1.i386.rpm
 x86_64:
hpijs-1.6.7-6.el5_6.1.x86_64.rpm
hplip-1.6.7-6.el5_6.1.x86_64.rpm
libsane-hpaio-1.6.7-6.el5_6.1.x86_64.rpm

-Connie Sieh
-Troy Dawson

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here