CVE-2013-6402

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-6402 at MITRE

Description

base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file.

NVD CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)

SUSE information

SUSE Bugzilla entry: 852368

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP2
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
sledsp2-hplip
SUSE Linux Enterprise Desktop 11 SP3
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
sledsp3-hplip
SUSE Linux Enterprise Server 11 SP2
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
slessp2-hplip
SUSE Linux Enterprise Server 11 SP3
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
slessp3-hplip
SUSE Linux Enterprise Server for VMWare 11 SP2
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
slessp2-hplip
SUSE Linux Enterprise Server for VMWare 11 SP3
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
slessp3-hplip
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Builds
SAT Patch Nr: 8775
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Builds
SAT Patch Nr: 8777
openSUSE 12.3
  • hplip >= 3.12.11-2.9.2
  • hplip-debuginfo >= 3.12.11-2.9.2
  • hplip-debugsource >= 3.12.11-2.9.2
  • hplip-hpijs >= 3.12.11-2.9.2
  • hplip-hpijs-debuginfo >= 3.12.11-2.9.2
  • hplip-sane >= 3.12.11-2.9.2
  • hplip-sane-debuginfo >= 3.12.11-2.9.2
Patchnames:
openSUSE-2014-80
openSUSE 13.1
  • hplip >= 3.13.10-4.2
  • hplip-debuginfo >= 3.13.10-4.2
  • hplip-debugsource >= 3.13.10-4.2
  • hplip-hpijs >= 3.13.10-4.2
  • hplip-hpijs-debuginfo >= 3.13.10-4.2
  • hplip-sane >= 3.13.10-4.2
  • hplip-sane-debuginfo >= 3.13.10-4.2
Patchnames:
openSUSE-2014-80
openSUSE Evergreen 11.4
  • hplip >= 3.11.5-1.19.1
  • hplip-debuginfo >= 3.11.5-1.19.1
  • hplip-debugsource >= 3.11.5-1.19.1
  • hplip-hpijs >= 3.11.5-1.19.1
  • hplip-hpijs-debuginfo >= 3.11.5-1.19.1
Patchnames:
2014-10