Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 195565 - net-print/hplip Arbitrary command execution (CVE-2007-5208)
Summary: net-print/hplip Arbitrary command execution (CVE-2007-5208)
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
Whiteboard: B1/C0 [glsa]
Depends on:
Reported: 2007-10-12 01:04 UTC by Robert Buchholz (RETIRED)
Modified: 2007-10-24 22:16 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2007-10-12 01:04:26 UTC
hplip's hpssd allows local (or remote, if configured) users to execute arbitrary commands as root.

Our current stable and the last release are vulnerable, I couldn't find a public repository. A patch is available at the URL.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2007-10-12 01:07:09 UTC
Denis and printing, please advise.
Comment 2 Denis Dupeyron (RETIRED) gentoo-dev 2007-10-12 09:11:15 UTC
(In reply to comment #1)
> Denis and printing, please advise.

I'm having a real life emergency since a few days, but I'll send this at the top of my Gentoo TODO list. I should be able to look into this later today (not before 2000 UTC though).

I've had a quick look at the patch though, and it applies in a cleanish way on the 2.x series, but not on the 1.x series. So I'll have to manually create a patch for the 1.x stuff. This should be easy. About the security issue itself, it's far beyond my understanding so I'll have to trust the Red Hat people unless somebody else knows better.

Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-10-17 19:25:28 UTC
Any news on this one?
Comment 4 Denis Dupeyron (RETIRED) gentoo-dev 2007-10-18 13:07:15 UTC
I've just fixed the new 2.x branch. I'm now proceeding to look into the old stuff.

Upstream says the fix will be in 2.7.10.

Comment 5 Denis Dupeyron (RETIRED) gentoo-dev 2007-10-18 20:31:07 UTC
Old 1.x branch is now cleaned-up and fixed too. Security, feel free to stabilize hplip-1.7.4a-r2 and close this bug whenever you want.

Comment 6 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-10-18 20:36:09 UTC
Thx Denis.

Arches please test and mark stable. Target keywords are:

hplip-1.7.4a-r2.ebuild:KEYWORDS="amd64 ppc ~ppc64 x86"
Comment 7 Christian Faulhammer (RETIRED) gentoo-dev 2007-10-19 21:03:43 UTC
x86 stable
Comment 8 Tobias Scherbaum (RETIRED) gentoo-dev 2007-10-20 20:02:10 UTC
ppc stable
Comment 9 Steve Dibb (RETIRED) gentoo-dev 2007-10-21 20:27:27 UTC
amd64 stable
Comment 10 Robert Buchholz (RETIRED) gentoo-dev 2007-10-21 20:39:45 UTC
GLSA request filed.
Comment 11 Denis Dupeyron (RETIRED) gentoo-dev 2007-10-21 21:40:36 UTC
Old ebuild removed after stabilization. All that's left in the tree is now clean.

Comment 12 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-10-24 22:16:33 UTC
GLSA 200710-26, thanks everybody!