Debian Security Advisory DSA 2829-1 (hplip - Several Vulnerabilities) Network Vulnerability

Summary

Multiple vulnerabilities have been found in the HP Linux Printing and Imaging System: Insecure temporary files, insufficient permission checks in PackageKit and the insecure hp-upgrade service has been disabled.

Solution

For the oldstable distribution (squeeze), these problems have been fixed in version 3.10.6-2+squeeze2. For the stable distribution (wheezy), these problems have been fixed in version 3.12.6-3.1+deb7u1. For the unstable distribution (sid), these problems have been fixed in version 3.13.11-2. We recommend that you upgrade your hplip packages.

Insight

The HP Linux Printing and Imaging System provides full support for printing on most HP SFP (single function peripheral) inkjets and many LaserJets, and for scanning, sending faxes and for photo-card access on most HP MFP (multi-function peripheral) printers.

Affected

hplip on Debian Linux

Detection

This check tests the installed software version using the apt package manager.

References

http://www.debian.org/security/2013/dsa-2829.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0200, CVE-2013-4325, CVE-2013-6402, CVE-2013-6427

CVSS	Base Score: 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 2829-1 (hplip - several vulnerabilities)

Take action and discover your vulnerabilities