 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.881639 |
| Kategorie: | CentOS Local Security Checks |
| Titel: | CentOS Update for hpijs CESA-2013:0500 centos6 |
| Zusammenfassung: | The remote host is missing an update for the 'hpijs'; package(s) announced via the referenced advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'hpijs' package(s) announced via the referenced advisory. Vulnerability Insight: The hplip packages contain the Hewlett-Packard Linux Imaging and Printing Project (HPLIP), which provides drivers for Hewlett-Packard printers and multi-function peripherals. Several temporary file handling flaws were found in HPLIP. A local attacker could use these flaws to perform a symbolic link attack, overwriting arbitrary files accessible to a process using HPLIP. (CVE-2013-0200, CVE-2011-2722) The CVE-2013-0200 issues were discovered by Tim Waugh of Red Hat. The hplip packages have been upgraded to upstream version 3.12.4, which provides a number of bug fixes and enhancements over the previous version. (BZ#731900) This update also fixes the following bugs: * Previously, the hpijs package required the obsolete cupsddk-drivers package, which was provided by the cups package. Under certain circumstances, this dependency caused hpijs installation to fail. This bug has been fixed and hpijs no longer requires cupsddk-drivers. (BZ#829453) * The configuration of the Scanner Access Now Easy (SANE) back end is located in the /etc/sane.d/dll.d/ directory, however, the hp-check utility checked only the /etc/sane.d/dll.conf file. Consequently, hp-check checked for correct installation, but incorrectly reported a problem with the way the SANE back end was installed. With this update, hp-check properly checks for installation problems in both locations as expected. (BZ#683007) All users of hplip are advised to upgrade to these updated packages, which fix these issues and add these enhancements. Affected Software/OS: hpijs on CentOS 6 Solution: Please install the updated packages. CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-2722 48441 http://secunia.com/advisories/48441 55083 http://secunia.com/advisories/55083 GLSA-201203-17 http://security.gentoo.org/glsa/glsa-201203-17.xml RHSA-2013:0133 http://rhn.redhat.com/errata/RHSA-2013-0133.html USN-1981-1 http://www.ubuntu.com/usn/USN-1981-1 [oss-security] 20110726 Re: CVE request: hplip: insecure tmp file handling http://www.openwall.com/lists/oss-security/2011/07/26/14 http://hplipopensource.com/hplip-web/release_notes.html https://bugs.launchpad.net/hplip/+bug/809904 https://bugzilla.novell.com/show_bug.cgi?id=704608 https://bugzilla.redhat.com/attachment.cgi?id=515866&action=diff https://bugzilla.redhat.com/show_bug.cgi?id=725830 Common Vulnerability Exposure (CVE) ID: CVE-2013-0200 DSA-2829 http://www.debian.org/security/2013/dsa-2829 MDVSA-2013:088 http://www.mandriva.com/security/advisories?name=MDVSA-2013:088 ftp://ftp.scientificlinux.org/linux/scientific/6x/SRPMS/vendor/hplip-3.12.4-4.el6.src.rpm https://bugzilla.redhat.com/show_bug.cgi?id=902163 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0072 |
| Copyright | Copyright (C) 2013 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |