English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 72022 CVE descriptions
and 38680 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.63233
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-708-1 (hplip)
Summary:Ubuntu USN-708-1 (hplip)
Description:The remote host is missing an update to hplip
announced via advisory USN-708-1.

Details follow:

It was discovered that an installation script in the HPLIP package would
change permissions on the hplip config files located in user's home directories.
A local user could exploit this and change permissions on arbitrary files
upon an HPLIP installation or upgrade, which could lead to root privileges.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.10:
hplip 2.7.7.dfsg.1-0ubuntu5.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-708-1
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-3997
BugTraq ID: 33177
http://www.securityfocus.com/bid/33177
http://www.vupen.com/english/advisories/2009/0115
http://www.securitytracker.com/id?1021561
http://secunia.com/advisories/33525
Common Vulnerability Exposure (CVE) ID: CVE-2008-4444
Bugtraq: 20090114 Cisco Unified IP Phone 7960G and 7940G (SIP) RTP Header Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/500059/100/0/threaded
BugTraq ID: 33264
http://www.securityfocus.com/bid/33264
http://securityreason.com/securityalert/4917
XForce ISS Database: cisco-unifiedipphone-rtp-dos(47948)
http://xforce.iss.net/xforce/xfdb/47948
Common Vulnerability Exposure (CVE) ID: CVE-2008-4006
Common Vulnerability Exposure (CVE) ID: CVE-2008-5449
Common Vulnerability Exposure (CVE) ID: CVE-2008-3979
Bugtraq: 20090113 Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2 (Google Search)
http://www.securityfocus.com/archive/1/archive/1/500061/100/0/threaded
http://www.milw0rm.com/exploits/8074
http://osvdb.org/51354
Common Vulnerability Exposure (CVE) ID: CVE-2009-0021
Bugtraq: 20090107 [oCERT-2008-016] Multiple OpenSSL signature verification API misuses (Google Search)
http://www.securityfocus.com/archive/1/archive/1/499827/100/0/threaded
https://lists.ntp.org/pipermail/announce/2009-January/000055.html
http://www.ocert.org/advisories/ocert-2008-016.html
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://www.redhat.com/support/errata/RHSA-2009-0046.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.531177
SuSE Security Announcement: SUSE-SR:2009:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html
SuSE Security Announcement: SUSE-SR:2009:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10035
http://secunia.com/advisories/34642
http://secunia.com/advisories/35074
http://www.vupen.com/english/advisories/2009/0042
http://www.securitytracker.com/id?1021533
http://secunia.com/advisories/33406
http://secunia.com/advisories/33558
http://secunia.com/advisories/33648
http://www.vupen.com/english/advisories/2009/1297
Common Vulnerability Exposure (CVE) ID: CVE-2008-3821
Bugtraq: 20090114 PR08-19: XSS on Cisco IOS HTTP Server (Google Search)
http://www.securityfocus.com/archive/1/archive/1/500063/100/0/threaded
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-19
Cisco Security Advisory: 20090114 Cisco IOS Cross-Site Scripting Vulnerabilities
http://www.cisco.com/en/US/products/products_security_response09186a0080a5c501.html
http://jvn.jp/en/jp/JVN28344798/index.html
BugTraq ID: 33260
http://www.securityfocus.com/bid/33260
http://www.vupen.com/english/advisories/2009/0138
http://osvdb.org/51393
http://osvdb.org/51394
http://securitytracker.com/id?1021598
http://secunia.com/advisories/33461
http://securityreason.com/securityalert/4916
XForce ISS Database: cisco-ios-httpserver-ping-xss(47947)
http://xforce.iss.net/xforce/xfdb/47947
Common Vulnerability Exposure (CVE) ID: CVE-2008-2382
Bugtraq: 20081222 CORE-2008-1210: Qemu and KVM VNC server remote DoS (Google Search)
http://www.securityfocus.com/archive/1/archive/1/499502/100/0/threaded
http://www.coresecurity.com/content/vnc-remote-dos
https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html
SuSE Security Announcement: SUSE-SR:2009:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
http://www.ubuntu.com/usn/usn-776-1
BugTraq ID: 32910
http://www.securityfocus.com/bid/32910
http://secunia.com/advisories/35062
http://www.vupen.com/english/advisories/2008/3488
http://www.vupen.com/english/advisories/2008/3489
http://securitytracker.com/id?1021488
http://securitytracker.com/id?1021489
http://secunia.com/advisories/33293
http://secunia.com/advisories/33303
http://secunia.com/advisories/33350
http://secunia.com/advisories/33568
http://securityreason.com/securityalert/4803
XForce ISS Database: qemu-kvm-protocolclientmsg-dos(47561)
http://xforce.iss.net/xforce/xfdb/47561
Common Vulnerability Exposure (CVE) ID: CVE-2008-5714
http://lists.gnu.org/archive/html/qemu-devel/2008-11/msg01224.html
http://lists.gnu.org/archive/html/qemu-devel/2008-12/msg00498.html
BugTraq ID: 33020
http://www.securityfocus.com/bid/33020
XForce ISS Database: qemu-monitor-weak-security(47683)
http://xforce.iss.net/xforce/xfdb/47683
Common Vulnerability Exposure (CVE) ID: CVE-2008-3818
Cisco Security Advisory: 20090114 Cisco ONS Platform Crafted Packet Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4fa.shtml
BugTraq ID: 33261
http://www.securityfocus.com/bid/33261
http://www.vupen.com/english/advisories/2009/0139
http://securitytracker.com/id?1021592
XForce ISS Database: cisco-ons-controlcard-dos(47940)
http://xforce.iss.net/xforce/xfdb/47940
Common Vulnerability Exposure (CVE) ID: CVE-2009-0053
Cisco Security Advisory: 20090114 IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml
BugTraq ID: 33268
http://www.securityfocus.com/bid/33268
http://www.vupen.com/english/advisories/2009/0140
http://osvdb.org/51395
http://securitytracker.com/id?1021593
http://secunia.com/advisories/33479
Common Vulnerability Exposure (CVE) ID: CVE-2009-0054
http://osvdb.org/51396
Common Vulnerability Exposure (CVE) ID: CVE-2009-0055
http://osvdb.org/51397
http://securitytracker.com/id?1021594
Common Vulnerability Exposure (CVE) ID: CVE-2009-0056
http://osvdb.org/51398
Common Vulnerability Exposure (CVE) ID: CVE-2008-5500
https://bugzilla.mozilla.org/show_bug.cgi?id=460803
https://bugzilla.mozilla.org/show_bug.cgi?id=464998
Debian Security Information: DSA-1697 (Google Search)
http://www.debian.org/security/2009/dsa-1697
Debian Security Information: DSA-1704 (Google Search)
http://www.debian.org/security/2009/dsa-1704
Debian Security Information: DSA-1707 (Google Search)
http://www.debian.org/security/2009/dsa-1707
Debian Security Information: DSA-1696 (Google Search)
http://www.debian.org/security/2009/dsa-1696
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244
http://www.redhat.com/support/errata/RHSA-2008-1036.html
http://www.redhat.com/support/errata/RHSA-2008-1037.html
http://www.redhat.com/support/errata/RHSA-2009-0002.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1
http://www.ubuntulinux.org/support/documentation/usn/usn-690-1
http://www.ubuntu.com/usn/usn-690-2
http://www.ubuntulinux.org/support/documentation/usn/usn-690-3
http://www.ubuntu.com/usn/usn-701-1
http://www.ubuntu.com/usn/usn-701-2
BugTraq ID: 32882
http://www.securityfocus.com/bid/32882
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11053
http://www.securitytracker.com/id?1021417
http://secunia.com/advisories/33231
http://secunia.com/advisories/33433
http://secunia.com/advisories/33216
http://secunia.com/advisories/33232
http://secunia.com/advisories/33523
http://secunia.com/advisories/33547
http://secunia.com/advisories/33184
http://secunia.com/advisories/33188
http://secunia.com/advisories/33189
http://secunia.com/advisories/33203
http://secunia.com/advisories/33204
http://secunia.com/advisories/33205
http://secunia.com/advisories/33421
http://secunia.com/advisories/33434
http://secunia.com/advisories/34501
http://secunia.com/advisories/35080
http://secunia.com/advisories/33408
http://secunia.com/advisories/33415
http://www.vupen.com/english/advisories/2009/0977
XForce ISS Database: mozilla-layout-code-execution-var3(47406)
http://xforce.iss.net/xforce/xfdb/47406
Common Vulnerability Exposure (CVE) ID: CVE-2008-5503
https://bugzilla.mozilla.org/show_bug.cgi?id=379959
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11423
http://www.securitytracker.com/id?1021424
XForce ISS Database: mozilla-xbl-information-disclosure(47409)
http://xforce.iss.net/xforce/xfdb/47409
Common Vulnerability Exposure (CVE) ID: CVE-2008-5506
https://bugzilla.mozilla.org/show_bug.cgi?id=458248
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10512
http://www.securitytracker.com/id?1021427
XForce ISS Database: mozilla-xmlhttprequest-302-info-disclosure(47412)
http://xforce.iss.net/xforce/xfdb/47412
Common Vulnerability Exposure (CVE) ID: CVE-2008-5507
Bugtraq: 20081218 Firefox cross-domain text theft (CESA-2008-011) (Google Search)
http://www.securityfocus.com/archive/1/archive/1/499353/100/0/threaded
https://bugzilla.mozilla.org/show_bug.cgi?id=461735
http://scary.beasts.org/security/CESA-2008-011.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9376
http://www.securitytracker.com/id?1021423
XForce ISS Database: mozilla-javascripturl-infor-disclosure(47413)
http://xforce.iss.net/xforce/xfdb/47413
Common Vulnerability Exposure (CVE) ID: CVE-2008-5508
https://bugzilla.mozilla.org/show_bug.cgi?id=425046
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11040
http://www.securitytracker.com/id?1021426
XForce ISS Database: mozilla-urlparsing-weak-security(47414)
http://xforce.iss.net/xforce/xfdb/47414
Common Vulnerability Exposure (CVE) ID: CVE-2008-5511
https://bugzilla.mozilla.org/show_bug.cgi?id=451680
https://bugzilla.mozilla.org/show_bug.cgi?id=464174
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11881
http://www.securitytracker.com/id?1021418
XForce ISS Database: mozilla-xbl-security-bypass(47417)
http://xforce.iss.net/xforce/xfdb/47417
Common Vulnerability Exposure (CVE) ID: CVE-2008-5512
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9814
XForce ISS Database: mozilla-xpcnativewrappers-code-execution(47416)
http://xforce.iss.net/xforce/xfdb/47416
Common Vulnerability Exposure (CVE) ID: CVE-2008-5256
http://www.mandriva.com/security/advisories?name=MDVSA-2009:011
http://sunsolve.sun.com/search/document.do?assetkey=1-26-247326-1
SuSE Security Announcement: SUSE-SR:2009:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
BugTraq ID: 32444
http://www.securityfocus.com/bid/32444
http://www.securitytracker.com/id?1021384
http://www.vupen.com/english/advisories/2008/3410
http://secunia.com/advisories/32851
XForce ISS Database: sun-virtualbox-ipcdunix-symlink(46826)
http://xforce.iss.net/xforce/xfdb/46826
Common Vulnerability Exposure (CVE) ID: CVE-2008-5448
Common Vulnerability Exposure (CVE) ID: CVE-2008-5718
http://www.openwall.com/lists/oss-security/2009/01/13/3
Debian Security Information: DSA-1705 (Google Search)
http://www.debian.org/security/2009/dsa-1705
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00962.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00966.html
BugTraq ID: 32925
http://www.securityfocus.com/bid/32925
http://osvdb.org/50824
http://secunia.com/advisories/33227
http://secunia.com/advisories/33548
http://secunia.com/advisories/34484
Common Vulnerability Exposure (CVE) ID: CVE-2007-4476
Debian Security Information: DSA-1438 (Google Search)
http://www.debian.org/security/2007/dsa-1438
Debian Security Information: DSA-1566 (Google Search)
http://www.debian.org/security/2008/dsa-1566
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html
http://security.gentoo.org/glsa/glsa-200711-18.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:197
http://www.mandriva.com/security/advisories?name=MDKSA-2007:233
http://www.redhat.com/support/errata/RHSA-2010-0141.html
http://www.redhat.com/support/errata/RHSA-2010-0144.html
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1
SuSE Security Announcement: SUSE-SR:2007:018 (Google Search)
http://www.novell.com/linux/security/advisories/2007_18_sr.html
SuSE Security Announcement: SUSE-SR:2007:019 (Google Search)
http://www.novell.com/linux/security/advisories/2007_19_sr.html
http://www.ubuntu.com/usn/usn-709-1
http://www.ubuntu.com/usn/usn-650-1
BugTraq ID: 26445
http://www.securityfocus.com/bid/26445
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8599
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9336
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7114
http://secunia.com/advisories/26674
http://secunia.com/advisories/26987
http://secunia.com/advisories/27331
http://secunia.com/advisories/27453
http://secunia.com/advisories/27514
http://secunia.com/advisories/27681
http://secunia.com/advisories/27857
http://secunia.com/advisories/28255
http://secunia.com/advisories/29968
http://secunia.com/advisories/33567
http://secunia.com/advisories/32051
http://secunia.com/advisories/39008
http://www.vupen.com/english/advisories/2010/0628
http://www.vupen.com/english/advisories/2010/0629
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 38680 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.