Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5208

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2007-5208
Last Modified 07 Mar 2011 10:00:18
Published 12 Oct 2007 08:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2007-5208

Summary

hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.

Vulnerable Systems

Application

  • Hp Linux Imaging And Printing Project 1.0

  • Hp Linux Imaging And Printing Project 2.7.10


References

REDHAT - RHSA-2007:0960

MISC - https://launchpad.net/bugs/149121

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=319921

VUPEN - ADV-2007-3479

UBUNTU - USN-530-1

FEDORA - FEDORA-2007-2527

XF - hplip-hpssd-command-execution(37183)

SECTRACK - 1018806

BID - 26054

MANDRIVA - MDKSA-2007:201

DEBIAN - DSA-1462

GENTOO - GLSA-200710-26

SECUNIA - 28453

SECUNIA - 27397

SECUNIA - 27332

SECUNIA - 27271

SECUNIA - 27232

SECUNIA - 27224

SECUNIA - 27221

SECUNIA - 27202

CONFIRM - http://qa.mandriva.com/show_bug.cgi?id=30719

SUSE - SUSE-SR:2007:021

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=195565

Related Patches

Novell SUSE 2007:4507 hplip17 security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:46:06