Ubuntu hplip Privilege Escalation Security Issue - Secunia Advisories - Vulnerability Information - Secunia.com

Vulnerability Information

Vulnerability Scanning

Blog - new entry!

Corporate Information

Secunia Advisories

Secunia Research

Binary Analysis

Home > Vulnerability Information > Secunia Advisories > Ubuntu hplip Privilege Escalation Security Issue

Secunia Advisories

Advisories by Product

Advisories by Vendor

Historic Advisories

Report Vulnerability

Business Solutions Restricted

Restricted

Partner Solutions Restricted

Restricted

Secunia PSI WorldMap

Ubuntu hplip Privilege Escalation Security Issue

Secunia Advisory:

SA33539

Advisory Toolbox:

Save in to-do list

Mark as handled

Exploit information

Download as PDF

Release Date:

2009-01-14

Last Update:

2009-01-19

Popularity:

1,173 views

Critical:

Impact:

Privilege escalation

Where:

Local system

Solution Status:

Vendor Patch

OS:

Ubuntu Linux 7.10

Secunia CVSS-2 Score:

Available in Secunia business solutions

Subscribe:

Instant alerts on relevant vulnerabilities

Advisory Content (Page 2 of 3)

[ 1 ] [ 2 ] [ 3 ]

Secunia is hiring, read about the open positions here!

Solution:
Apply updated packages.

-- Ubuntu 7.10 --

Source archives:

http://security.ubuntu.com/ubuntu/poo...hplip_2.7.7.dfsg.1-0ubuntu5.3.diff.gz
Size/MD5: 149462 e8b5cb18aff082738bfcfe069eb873f5
http://security.ubuntu.com/ubuntu/poo...lip/hplip_2.7.7.dfsg.1-0ubuntu5.3.dsc
Size/MD5: 1064 531e707f0cbace5f1eb82039e409c306
http://security.ubuntu.com/ubuntu/poo.../hplip/hplip_2.7.7.dfsg.1.orig.tar.gz
Size/MD5: 14361049 ae5165d46413db8119979f5b3345f7a5

Architecture independent packages:

http://security.ubuntu.com/ubuntu/poo...-data_2.7.7.dfsg.1-0ubuntu5.3_all.deb
Size/MD5: 6898006 691895b0f8e5fc93bcb86d47d11da1af
http://security.ubuntu.com/ubuntu/poo...p-doc_2.7.7.dfsg.1-0ubuntu5.3_all.deb
Size/MD5: 4146918 d4e0b928aacc84bbe2a05862050a5963
http://security.ubuntu.com/ubuntu/poo...p-gui_2.7.7.dfsg.1-0ubuntu5.3_all.deb
Size/MD5: 117628 91f0c9d09f2520e76b3a3e6cde4abd63
http://security.ubuntu.com/ubuntu/poo...2.7.7+2.7.7.dfsg.1-0ubuntu5.3_all.deb
Size/MD5: 480134 59604754cef89d7b5ae128ecf20f44da

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/poo...7.7+2.7.7.dfsg.1-0ubuntu5.3_amd64.deb
Size/MD5: 341576 918813fb4741326051c7480ffeae9a9a
http://security.ubuntu.com/ubuntu/poo...dbg_2.7.7.dfsg.1-0ubuntu5.3_amd64.deb
Size/MD5: 770122 ccef78fc8a55b4e94318931964e9e97b
http://security.ubuntu.com/ubuntu/poo...lip_2.7.7.dfsg.1-0ubuntu5.3_amd64.deb
Size/MD5: 302856 f2a47e27a69aa016334a1ffdac105be1

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/poo....7.7+2.7.7.dfsg.1-0ubuntu5.3_i386.deb
Size/MD5: 334690 dd891b2df494fd1fbc46abd25b9ef7db
http://security.ubuntu.com/ubuntu/poo...-dbg_2.7.7.dfsg.1-0ubuntu5.3_i386.deb
Size/MD5: 747250 4676694a4d20445e64f3f4dc91aaa44c
http://security.ubuntu.com/ubuntu/poo...plip_2.7.7.dfsg.1-0ubuntu5.3_i386.deb
Size/MD5: 290282 921463222e2b642fb5bc16083d8b70ac

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/h/h....7.7+2.7.7.dfsg.1-0ubuntu5.3_lpia.deb
Size/MD5: 337798 9c060add246bb5212706b9dd0d92cc51
http://ports.ubuntu.com/pool/main/h/h...-dbg_2.7.7.dfsg.1-0ubuntu5.3_lpia.deb
Size/MD5: 926096 af4481ea010212486ea621103329cf13
http://ports.ubuntu.com/pool/main/h/hplip/hplip_2.7.7.dfsg.1-0ubuntu5.3_lpia.deb
Size/MD5: 290082 f26b9fc31e3457719b3102b3a9c77b5b

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/poo...7+2.7.7.dfsg.1-0ubuntu5.3_powerpc.deb
Size/MD5: 348258 66f9714865cad898e10e98ef83f6e443
http://security.ubuntu.com/ubuntu/poo...g_2.7.7.dfsg.1-0ubuntu5.3_powerpc.deb
Size/MD5: 784504 0c76dac215474fc62900aea547168387
http://security.ubuntu.com/ubuntu/poo...p_2.7.7.dfsg.1-0ubuntu5.3_powerpc.deb
Size/MD5: 319006 52d13211d1681fe90b74951dc204a788

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/poo...7.7+2.7.7.dfsg.1-0ubuntu5.3_sparc.deb
Size/MD5: 332756 a3411ca114399f0359b949462e0313ab
http://security.ubuntu.com/ubuntu/poo...dbg_2.7.7.dfsg.1-0ubuntu5.3_sparc.deb
Size/MD5: 717210 401d1050417a9a8608198088abb9e305
http://security.ubuntu.com/ubuntu/poo...lip_2.7.7.dfsg.1-0ubuntu5.3_sparc.deb
Size/MD5: 289370 f92c0c0f6a2f2ccef18d3874db728bf7

Provided and/or discovered by:
Reported in an Ubuntu bug.

Changelog:
2009-01-19: Added CVE reference.

Original Advisory:
USN-708-1:
https://lists.ubuntu.com/archives/ubu...ity-announce/2009-January/000826.html

Change Page:
[ 1 ] [ 2 ] [ 3 ]

Track this Secunia Advisory

Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory

Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

27th Nov, 2009

New advisories:	8
New vulnerabilities:	15
Updated advisories:	11

Moderately // 189 views

Robo-FTP Response Processing Buffer Overflow Vulnerability

Less // 146 views

XM Easy Personal FTP Server Denial of Service Vulnerability

Moderately // 186 views

Joomla LyftenBloggie Component "author" SQL Injection Vulnerability

Less // 180 views

DotNetNuke Cross-Site Scripting and Information Disclosure

Moderately // 201 views

Ubuntu update for php5

Moderately // 209 views

Joomla GCalendar Component "gcid" SQL Injection

Moderately // 190 views

RADIO istek scripti Information Disclosure Security Issue

Highly // 213 views

Gentoo update for PEAR-Net_Traceroute

26th Nov, 2009

New advisories:	15
New vulnerabilities:	37
Updated advisories:	48

Moderately // 308 views

Ingate Firewall and SIParator Multiple Vulnerabilities

Moderately // 372 views

SugarCRM Multiple Vulnerabilities

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1.	Internet Explorer Charset Inheritance Cross-Site Scripting Vulnerability // 35 views
2.	Progress Information Disclosure and Data Manipulation // 31 views
3.	Internet Explorer Layout Handling Memory Corruption Vulnerability // 25 views
4.	Robo-FTP Response Processing Buffer Overflow Vulnerability // 25 views
5.	Joomla GCalendar Component "gcid" SQL Injection // 25 views
6.	Adobe Flash Player Multiple Vulnerabilities // 22 views
7.	XM Easy Personal FTP Server Denial of Service Vulnerability // 22 views
8.	Joomla LyftenBloggie Component "author" SQL Injection Vulnerability // 22 views
9.	RADIO istek scripti Information Disclosure Security Issue // 20 views
10.	DotNetNuke Cross-Site Scripting and Information Disclosure // 20 views

Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs (open positions) | About Secunia
Copyright Secunia 2002-2009