Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2013-0500)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123697

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2013-0500)

Resumen: The remote host is missing an update for the 'hplip' package(s) announced via the ELSA-2013-0500 advisory.

Descripción: Summary:
The remote host is missing an update for the 'hplip' package(s) announced via the ELSA-2013-0500 advisory.

Vulnerability Insight:
[3.12.4-4]
- Applied patch to fix CVE-2013-0200, temporary file vulnerability
(bug #902163).
- Fixed hpijs-marker-supply patch.

[3.12.4-3]
- Make 'hp-check' check for hpaio set-up correctly (bug #683007).

[3.12.4-2]
- Added more fixes from Fedora (bug #731900).

[3.12.4-1]
- Re-based to 3.12.4 with fixes from Fedora (bug #731900). No longer
need no-system-tray, openPPD, addgroup, emit-SIGNAL, fab-root-crash,
newline, hpaio-segfault, dbus-threads, or cups-web patches.

[3.10.9-4]
- The hpijs sub-package no longer requires cupsddk-drivers (which no
longer exists as a real package), but cups >= 1.4 (bug #829453).

Affected Software/OS:
'hplip' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
1.9

CVSS Vector:
AV:L/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-2722
48441
http://secunia.com/advisories/48441
55083
http://secunia.com/advisories/55083
GLSA-201203-17
http://security.gentoo.org/glsa/glsa-201203-17.xml
RHSA-2013:0133
http://rhn.redhat.com/errata/RHSA-2013-0133.html
USN-1981-1
http://www.ubuntu.com/usn/USN-1981-1
[oss-security] 20110726 Re: CVE request: hplip: insecure tmp file handling
http://www.openwall.com/lists/oss-security/2011/07/26/14
http://hplipopensource.com/hplip-web/release_notes.html
https://bugs.launchpad.net/hplip/+bug/809904
https://bugzilla.novell.com/show_bug.cgi?id=704608
https://bugzilla.redhat.com/attachment.cgi?id=515866&action=diff
https://bugzilla.redhat.com/show_bug.cgi?id=725830
Common Vulnerability Exposure (CVE) ID: CVE-2013-0200
DSA-2829
http://www.debian.org/security/2013/dsa-2829
MDVSA-2013:088
http://www.mandriva.com/security/advisories?name=MDVSA-2013:088
ftp://ftp.scientificlinux.org/linux/scientific/6x/SRPMS/vendor/hplip-3.12.4-4.el6.src.rpm
https://bugzilla.redhat.com/show_bug.cgi?id=902163
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0072

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123697
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2013-0500)
Resumen:	The remote host is missing an update for the 'hplip' package(s) announced via the ELSA-2013-0500 advisory.
Descripción:	Summary: The remote host is missing an update for the 'hplip' package(s) announced via the ELSA-2013-0500 advisory. Vulnerability Insight: [3.12.4-4] - Applied patch to fix CVE-2013-0200, temporary file vulnerability (bug #902163). - Fixed hpijs-marker-supply patch. [3.12.4-3] - Make 'hp-check' check for hpaio set-up correctly (bug #683007). [3.12.4-2] - Added more fixes from Fedora (bug #731900). [3.12.4-1] - Re-based to 3.12.4 with fixes from Fedora (bug #731900). No longer need no-system-tray, openPPD, addgroup, emit-SIGNAL, fab-root-crash, newline, hpaio-segfault, dbus-threads, or cups-web patches. [3.10.9-4] - The hpijs sub-package no longer requires cupsddk-drivers (which no longer exists as a real package), but cups >= 1.4 (bug #829453). Affected Software/OS: 'hplip' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2722 48441 http://secunia.com/advisories/48441 55083 http://secunia.com/advisories/55083 GLSA-201203-17 http://security.gentoo.org/glsa/glsa-201203-17.xml RHSA-2013:0133 http://rhn.redhat.com/errata/RHSA-2013-0133.html USN-1981-1 http://www.ubuntu.com/usn/USN-1981-1 [oss-security] 20110726 Re: CVE request: hplip: insecure tmp file handling http://www.openwall.com/lists/oss-security/2011/07/26/14 http://hplipopensource.com/hplip-web/release_notes.html https://bugs.launchpad.net/hplip/+bug/809904 https://bugzilla.novell.com/show_bug.cgi?id=704608 https://bugzilla.redhat.com/attachment.cgi?id=515866&action=diff https://bugzilla.redhat.com/show_bug.cgi?id=725830 Common Vulnerability Exposure (CVE) ID: CVE-2013-0200 DSA-2829 http://www.debian.org/security/2013/dsa-2829 MDVSA-2013:088 http://www.mandriva.com/security/advisories?name=MDVSA-2013:088 ftp://ftp.scientificlinux.org/linux/scientific/6x/SRPMS/vendor/hplip-3.12.4-4.el6.src.rpm https://bugzilla.redhat.com/show_bug.cgi?id=902163 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0072
Copyright	Copyright (C) 2015 Greenbone AG