CVE-2011-2697
Published: 29 July 2011
foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file.
Notes
Author | Note |
---|---|
mdeslaur | we don't ship this script in our hplip packages. hplip is built with --disable-foomatic-rip-hplip-install. hardy's foomatic-filters package does have this script though. |
Priority
Status
Package | Release | Status |
---|---|---|
foomatic-filters Launchpad, Ubuntu, Debian |
hardy |
Released
(3.0.2-20071204-0ubuntu2.3)
|
lucid |
Not vulnerable
(code not present)
|
|
maverick |
Not vulnerable
(code not present)
|
|
natty |
Not vulnerable
(code not present)
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-3.0/foomatic-filters/revision/140 |
||
This vulnerability is mitigated in part by an AppArmor profile. | ||
hplip Launchpad, Ubuntu, Debian |
hardy |
Not vulnerable
(code not shipped)
|
lucid |
Not vulnerable
(code not shipped)
|
|
maverick |
Not vulnerable
(code not shipped)
|
|
natty |
Not vulnerable
(code not shipped)
|
|
upstream |
Needs triage
|