Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 352085 (CVE-2010-4267) - <net-print/hplip-3.10.9-r1: Remote Stack Overflow Vulnerability (CVE-2010-4267)
Summary: <net-print/hplip-3.10.9-r1: Remote Stack Overflow Vulnerability (CVE-2010-4267)
Status: RESOLVED FIXED
Alias: CVE-2010-4267
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B1 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-01-19 04:20 UTC by Tim Sammut (RETIRED)
Modified: 2012-03-16 12:37 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Sammut (RETIRED) gentoo-dev 2011-01-19 04:20:12 UTC
From the Red Hat bug at URL:

Sebastian Krahmer reported a flaw in how hplip discovered SNMP devices.  If
certain hplip commands were run that queried SNMP devices, and a malicious user
were able to send crafted SNMP responses, it could cause the running hplip tool
to crash or, possibly, execute arbitrary code with the privileges of the user
running the tool.

Acknowledgements:

Red Hat would like to thank Sebastian Krahmer of the SuSE Security Team for
reporting this issue.

<--

Secunia is reporting (http://secunia.com/advisories/42956/) that this affects 3.10.9 as well. There is a patch at https://bugzilla.redhat.com/attachment.cgi?id=468455.
Comment 1 Daniel Pielmeier gentoo-dev 2011-01-20 18:39:25 UTC
+*hplip-3.10.9-r1 (20 Jan 2011)
+
+  20 Jan 2011; Daniel Pielmeier <billie@gentoo.org> +hplip-3.10.9-r1.ebuild,
+  +files/hplip-3.10.9-cve-2010-4267.patch:
+  Revision bump to fix security bug #352085.

I have added a new revision including the patch from Red Hat.
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2011-01-20 18:48:52 UTC
(In reply to comment #1)
> 
> I have added a new revision including the patch from Red Hat.
> 

Great, thank you.

Arches, please test and mark stable:
=net-print/hplip-3.10.9-r1
Target keywords : "amd64 ppc ppc64 x86"
Comment 3 Markos Chandras (RETIRED) gentoo-dev 2011-01-20 21:26:36 UTC
amd64 done
Comment 4 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-01-21 08:29:20 UTC
ppc/ppc64 stable
Comment 5 Stefan Behte (RETIRED) gentoo-dev Security 2011-01-21 11:16:39 UTC
CVE-2010-4267 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4267):
  Stack-based buffer overflow in the hpmud_get_pml function in
  io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP)
  1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote
  attackers to cause a denial of service (crash) and possibly execute
  arbitrary code via a crafted SNMP response with a large length value.

Comment 6 Christian Faulhammer (RETIRED) gentoo-dev 2011-01-21 13:44:50 UTC
x86 stable, last one so update the whiteboard
Comment 7 Tim Sammut (RETIRED) gentoo-dev 2011-01-21 18:18:35 UTC
Thanks, everyone. GLSA request filed.
Comment 8 Andreas K. Hüttel archtester gentoo-dev 2011-06-05 18:35:51 UTC
Thanks guys. No vulnerable version left in the tree. 
Nothing left to do for printing.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2012-03-16 12:37:53 UTC
This issue was resolved and addressed in
 GLSA 201203-17 at http://security.gentoo.org/glsa/glsa-201203-17.xml
by GLSA coordinator Sean Amoss (ackle).