Oval Definition:oval:com.redhat.rhsa:def:20080818
Revision Date:2008-08-12Version:637
Title:RHSA-2008:0818: hplip security update (Moderate)
Description:The hplip (Hewlett-Packard Linux Imaging and Printing) packages provide drivers for Hewlett-Packard printers and multifunction peripherals.

  • A flaw was discovered in the hplip alert-mailing functionality. A local attacker could elevate their privileges by using specially-crafted packets to trigger alert mails, which are sent by the root account. (CVE-2008-2940)

  • A flaw was discovered in the hpssd message parser. By sending specially-crafted packets, a local attacker could cause a denial of service, stopping the hpssd process. (CVE-2008-2941)

    Users of hplip should upgrade to these updated packages, which contain backported patches to correct these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2008-2940
    CVE-2008-2941
    RHSA-2008:0818
    RHSA-2008:0818-02
    RHSA-2008:0818-02
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • hpijs is earlier than 1:1.6.7-4.1.el5_2.4
  • AND hpijs is signed with Red Hat redhatrelease2 key
  • hplip is earlier than 0:1.6.7-4.1.el5_2.4
  • AND hplip is signed with Red Hat redhatrelease2 key
  • libsane-hpaio is earlier than 0:1.6.7-4.1.el5_2.4
  • AND libsane-hpaio is signed with Red Hat redhatrelease2 key
    • BACK