Synopsis: Moderate: hplip security update
Issue date: 2011-01-17
CVE Names: CVE-2010-4267
A flaw was found in the way certain HPLIP tools discovered devices using
the SNMP protocol. If a user ran certain HPLIP tools that search for
supported devices using SNMP, and a malicious user is able to send
specially-crafted SNMP responses, it could cause those HPLIP tools to
crash or, possibly, execute arbitrary code with the privileges of the
user running them. (CVE-2010-4267)
SL 5.x
SRPMS:
hplip-1.6.7-6.el5_6.1.src.rpm
i386:
hpijs-1.6.7-6.el5_6.1.i386.rpm
hplip-1.6.7-6.el5_6.1.i386.rpm
libsane-hpaio-1.6.7-6.el5_6.1.i386.rpm
x86_64:
hpijs-1.6.7-6.el5_6.1.x86_64.rpm
hplip-1.6.7-6.el5_6.1.x86_64.rpm
libsane-hpaio-1.6.7-6.el5_6.1.x86_64.rpm
-Connie Sieh
-Troy Dawson