Oval Definition:	oval:org.mitre.oval:def:21246
Revision Date: 2014-02-17 Version: 11 Title: RHSA-2013:1274: hplip security update (Important) Description: The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2013:1274 CVE-2013-4325 RHSA-2013:1274-00 Platform(s): CentOS Linux 6 Red Hat Enterprise Linux 6 Product(s): hplip Definition Synopsis Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 OR The operating system installed on the system is CentOS Linux 6.x AND Packages section hplip-common is earlier than 0:3.12.4-4.el6_4.1 OR hplip-libs is earlier than 0:3.12.4-4.el6_4.1 OR libsane-hpaio is earlier than 0:3.12.4-4.el6_4.1 OR hplip is earlier than 0:3.12.4-4.el6_4.1 OR hplip-gui is earlier than 0:3.12.4-4.el6_4.1 OR hpijs is earlier than 1:3.12.4-4.el6_4.1
BACK