CVE-2007-5208 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-5208
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-5208

Description: hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/37183 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-530-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html ST 1018806 SAID Secunia Advisory: SA27202 Secunia Advisory: SA27224 Secunia Advisory: SA27221 Secunia Advisory: SA27232 Secunia Advisory: SA27271 Secunia Advisory: SA27332 Secunia Advisory: SA27397 Secunia Advisory: SA28453 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0960.html MISC MANDRIVA http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:201 GENTOO http://security.gentoo.org/glsa/glsa-200710-26.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1462 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=195565 http://qa.mandriva.com/show_bug.cgi?id=30719 BID 26054

Return to the previous page.