Rapid7 Vulnerability & Exploit Database

USN-708-1: HPLIP vulnerability

Back to Search

USN-708-1: HPLIP vulnerability

Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
01/15/2009
Created
07/25/2018
Added
05/06/2013
Modified
07/09/2020

Description

hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP installation or upgrade by an administrator, related to the product's attempt to correct the ownership of its configuration files within home directories.

Solution(s)

  • ubuntu-upgrade-hplip

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;