CVE-2011-2722

Related Files

Ubuntu Security Notice USN-1981-1

Posted Sep 30, 2013

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1981-1 - It was discovered that HPLIP incorrectly handled temporary files when using the fax capabilities. A local attacker could possibly use this issue to overwrite arbitrary files. This issue only applied to Ubuntu 10.04 LTS. Tim Waugh discovered that HPLIP incorrectly handled temporary files when printing. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu 12.04 LTS and Ubuntu 12.10, this should be prevented by the Yama link restrictions. Various other issues were also addressed.

tags | advisory, arbitrary, local

systems | linux, ubuntu

advisories | CVE-2011-2722, CVE-2013-0200, CVE-2011-2722, CVE-2013-0200

SHA-256 | caed288246bf5bbcc535583ccaac571bc9aa7120e7c761f550150017c7e8dddc

Download | Favorite | View

Red Hat Security Advisory 2013-0500-02

Posted Feb 21, 2013

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0500-02 - The hplip packages contain the Hewlett-Packard Linux Imaging and Printing Project, which provides drivers for Hewlett-Packard printers and multi-function peripherals. Several temporary file handling flaws were found in HPLIP. A local attacker could use these flaws to perform a symbolic link attack, overwriting arbitrary files accessible to a process using HPLIP. The CVE-2013-0200 issues were discovered by Tim Waugh of Red Hat.

tags | advisory, arbitrary, local

systems | linux, redhat

advisories | CVE-2011-2722, CVE-2013-0200

SHA-256 | d0e265e67da2b6518e25c5a95ef17a56c0cd1044ceaa1d1df7600cf3916e91b6

Download | Favorite | View

Red Hat Security Advisory 2013-0133-01

Posted Jan 8, 2013

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0133-01 - Hewlett-Packard Linux Imaging and Printing provides drivers for Hewlett-Packard printers and multifunction peripherals. It was found that the HP CUPS fax filter in HPLIP created a temporary file in an insecure way. A local attacker could use this flaw to perform a symbolic link attack, overwriting arbitrary files accessible to a process using the fax filter.

tags | advisory, arbitrary, local

systems | linux, redhat

advisories | CVE-2011-2722

SHA-256 | 864be0b816d50568e5b04e4c73ea75fc418852e134f046ee23a10c2d327277c9

Download | Favorite | View

Gentoo Linux Security Advisory 201203-17

Posted Mar 16, 2012

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201203-17 - Multiple vulnerabilities have been found in HPLIP, the worst of which may allow execution of arbitrary code. Versions less than 3.11.10 are affected.

tags | advisory, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2010-4267, CVE-2011-2722

SHA-256 | 1cf360d6a926fd492c93a38d373ac1bdd8f3f1a39245024188f17cc21707bb28

Download | Favorite | View