Summary: | <net-print/hplip-3.13.2-r1: /var/log/hp/ contains world writable directory (CVE-2012-6108) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | billie, printing |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=894283 | ||
Whiteboard: | ~4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
![]() It seems that this only affects hplip-3.12.11. For hplip-3.12.10a and hplip-3.13.2 the mentioned directories are not world-writable. hplip-3.12.10a drwxrwxr-x 3 root lp 4096 21. Feb 19:10 . drwxr-xr-x 13 root root 4096 21. Feb 19:10 .. drwxrwxr-t 2 root lp 4096 21. Feb 19:10 tmp hplip-3.12.11 drwxrwxrwx 3 root lp 4096 21. Feb 19:17 . drwxr-xr-x 13 root root 4096 21. Feb 19:17 .. drwxrwxrwt 2 root lp 4096 21. Feb 19:17 tmp hplip-3.13.2 drwxrwxr-- 3 root lp 4096 21. Feb 19:24 . drwxr-xr-x 13 root root 4096 21. Feb 19:24 .. drwxrwxr-T 2 root lp 4096 21. Feb 19:24 tmp I have removed the vulnerable version however updating from hplip-3.12.11 to hplip-3.13.2 does not change the permissions as they are only correct for a new install without /var/log/hp being present. To ensure correct permissions when upgrading I have added hplip-3.13.2-r1 which removes /var/tmp/hp in pgk_preinst. (In reply to comment #1) Thanks, Daniel! Is hplip-3.13.2-r1 ready for stabilization? (In reply to comment #2) > (In reply to comment #1) > > Thanks, Daniel! Is hplip-3.13.2-r1 ready for stabilization? We can stabilize hplip-3.13.2-r1, but do we have to? Current stable is hplip-3.12.10a which is fine and the only vulnerable version in tree is gone. Am I missing something? (In reply to comment #1) > For hplip-3.12.10a and > hplip-3.13.2 the mentioned directories are not world-writable. Ah, I went over that part too quickly. Closing noglsa for ~arch only issue. CVE-2012-6108 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6108): HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operations. |