Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:HP-LIPS-HSSPD

Severity

 Minor

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 HP Linux Imaging and Printing System HSSPD.PY Vulnerability

Release Date

 2007/12/17

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: HP Linux Imaging and Printing System HSSPD.PY Vulnerability


This signature detects attempts to exploit a known vulnerability against HP Linux Imaging and Printing System. Versions 2.7.9 and below are vulnerable. A successful attack can allow attackers to inject commands onto the target system.

Extended Description

HP Linux Imaging and Printing System (HPLIP) is prone to an arbitrary command-execution vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands with superuser privileges. Successful attacks will completely compromise affected computers. NOTE: By default the application's 'hpssd' daemon listens only on localhost, but it can be configured (via /etc/hp/hplip.conf) to listen to remote requests as well. HPLIP versions in the 1.0 and 2.0 series are vulnerable.

Affected Products

  • Debian linux 4.0
  • Debian linux 4.0 Alpha
  • Debian linux 4.0 Amd64
  • Debian linux 4.0 Arm
  • Debian linux 4.0 Hppa
  • Debian linux 4.0 Ia-32
  • Debian linux 4.0 Ia-64
  • Debian linux 4.0 M68k
  • Debian linux 4.0 Mips
  • Debian linux 4.0 Mipsel
  • Debian linux 4.0 Powerpc
  • Debian linux 4.0 S/390
  • Debian linux 4.0 Sparc
  • Gentoo linux
  • Hp linux_imaging_and_printing_system 1.6.10
  • Hp linux_imaging_and_printing_system 1.6.12
  • Hp linux_imaging_and_printing_system 1.6.6
  • Hp linux_imaging_and_printing_system 1.6.6A
  • Hp linux_imaging_and_printing_system 1.6.7
  • Hp linux_imaging_and_printing_system 1.6.9
  • Hp linux_imaging_and_printing_system 1.7.1
  • Hp linux_imaging_and_printing_system 1.7.2
  • Hp linux_imaging_and_printing_system 1.7.3
  • Hp linux_imaging_and_printing_system 1.7.4
  • Hp linux_imaging_and_printing_system 1.7.4A
  • Hp linux_imaging_and_printing_system 2.7.1
  • Hp linux_imaging_and_printing_system 2.7.2
  • Hp linux_imaging_and_printing_system 2.7.4
  • Hp linux_imaging_and_printing_system 2.7.6
  • Hp linux_imaging_and_printing_system 2.7.6-1.Patch
  • Hp linux_imaging_and_printing_system 2.7.7
  • Hp linux_imaging_and_printing_system 2.7.9
  • Mandriva corporate_server 4.0
  • Mandriva corporate_server 4.0.0 X86 64
  • Mandriva linux_mandrake 2007.0
  • Mandriva linux_mandrake 2007.0 X86 64
  • Mandriva linux_mandrake 2007.1
  • Mandriva linux_mandrake 2007.1 X86 64
  • Mandriva linux_mandrake 2008.0
  • Mandriva linux_mandrake 2008.0 X86 64
  • Red_hat enterprise_linux 5 Server
  • Red_hat enterprise_linux_desktop 5 Client
  • Red_hat fedora Core7
  • Suse linux 10.0
  • Suse linux 10.1
  • Suse linux 10.2
  • Suse linux 10.3
  • Suse suse_linux_enterprise_desktop 10
  • Ubuntu ubuntu_linux 6.10 Amd64
  • Ubuntu ubuntu_linux 6.10 I386
  • Ubuntu ubuntu_linux 6.10 Powerpc
  • Ubuntu ubuntu_linux 6.10 Sparc
  • Ubuntu ubuntu_linux 7.04 Amd64
  • Ubuntu ubuntu_linux 7.04 I386
  • Ubuntu ubuntu_linux 7.04 Powerpc
  • Ubuntu ubuntu_linux 7.04 Sparc

References

  • BugTraq: 26054
  • CVE: CVE-2007-5208
  • URL: http://www.frsirt.com/english/advisories/2007/3479

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out