 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.881639 |
| Categoría: | CentOS Local Security Checks |
| Título: | CentOS Update for hpijs CESA-2013:0500 centos6 |
| Resumen: | The remote host is missing an update for the 'hpijs'; package(s) announced via the referenced advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'hpijs' package(s) announced via the referenced advisory. Vulnerability Insight: The hplip packages contain the Hewlett-Packard Linux Imaging and Printing Project (HPLIP), which provides drivers for Hewlett-Packard printers and multi-function peripherals. Several temporary file handling flaws were found in HPLIP. A local attacker could use these flaws to perform a symbolic link attack, overwriting arbitrary files accessible to a process using HPLIP. (CVE-2013-0200, CVE-2011-2722) The CVE-2013-0200 issues were discovered by Tim Waugh of Red Hat. The hplip packages have been upgraded to upstream version 3.12.4, which provides a number of bug fixes and enhancements over the previous version. (BZ#731900) This update also fixes the following bugs: * Previously, the hpijs package required the obsolete cupsddk-drivers package, which was provided by the cups package. Under certain circumstances, this dependency caused hpijs installation to fail. This bug has been fixed and hpijs no longer requires cupsddk-drivers. (BZ#829453) * The configuration of the Scanner Access Now Easy (SANE) back end is located in the /etc/sane.d/dll.d/ directory, however, the hp-check utility checked only the /etc/sane.d/dll.conf file. Consequently, hp-check checked for correct installation, but incorrectly reported a problem with the way the SANE back end was installed. With this update, hp-check properly checks for installation problems in both locations as expected. (BZ#683007) All users of hplip are advised to upgrade to these updated packages, which fix these issues and add these enhancements. Affected Software/OS: hpijs on CentOS 6 Solution: Please install the updated packages. CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-2722 48441 http://secunia.com/advisories/48441 55083 http://secunia.com/advisories/55083 GLSA-201203-17 http://security.gentoo.org/glsa/glsa-201203-17.xml RHSA-2013:0133 http://rhn.redhat.com/errata/RHSA-2013-0133.html USN-1981-1 http://www.ubuntu.com/usn/USN-1981-1 [oss-security] 20110726 Re: CVE request: hplip: insecure tmp file handling http://www.openwall.com/lists/oss-security/2011/07/26/14 http://hplipopensource.com/hplip-web/release_notes.html https://bugs.launchpad.net/hplip/+bug/809904 https://bugzilla.novell.com/show_bug.cgi?id=704608 https://bugzilla.redhat.com/attachment.cgi?id=515866&action=diff https://bugzilla.redhat.com/show_bug.cgi?id=725830 Common Vulnerability Exposure (CVE) ID: CVE-2013-0200 DSA-2829 http://www.debian.org/security/2013/dsa-2829 MDVSA-2013:088 http://www.mandriva.com/security/advisories?name=MDVSA-2013:088 ftp://ftp.scientificlinux.org/linux/scientific/6x/SRPMS/vendor/hplip-3.12.4-4.el6.src.rpm https://bugzilla.redhat.com/show_bug.cgi?id=902163 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0072 |
| Copyright | Copyright (C) 2013 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |