Signature Detail

APP: HP Linux Imaging and Printing System HSSPD.PY Vulnerability

This signature detects attempts to exploit a known vulnerability against HP Linux Imaging and Printing System. Versions 2.7.9 and below are vulnerable. A successful attack can allow attackers to inject commands onto the target system.

Extended Description

HP Linux Imaging and Printing System (HPLIP) is prone to an arbitrary command-execution vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands with superuser privileges. Successful attacks will completely compromise affected computers. NOTE: By default the application's 'hpssd' daemon listens only on localhost, but it can be configured (via /etc/hp/hplip.conf) to listen to remote requests as well. HPLIP versions in the 1.0 and 2.0 series are vulnerable.

Affected Products

• Debian Linux 4.0
• Debian Linux 4.0 Alpha
• Debian Linux 4.0 Amd64
• Debian Linux 4.0 Arm
• Debian Linux 4.0 Hppa
• Debian Linux 4.0 Ia-32
• Debian Linux 4.0 Ia-64
• Debian Linux 4.0 M68k
• Debian Linux 4.0 Mips
• Debian Linux 4.0 Mipsel
• Debian Linux 4.0 Powerpc
• Debian Linux 4.0 S/390
• Debian Linux 4.0 Sparc
• Gentoo Linux
• HP Linux Imaging and Printing System 1.6.10
• HP Linux Imaging and Printing System 1.6.12
• HP Linux Imaging and Printing System 1.6.6
• HP Linux Imaging and Printing System 1.6.6A
• HP Linux Imaging and Printing System 1.6.7
• HP Linux Imaging and Printing System 1.6.9
• HP Linux Imaging and Printing System 1.7.1
• HP Linux Imaging and Printing System 1.7.2
• HP Linux Imaging and Printing System 1.7.3
• HP Linux Imaging and Printing System 1.7.4
• HP Linux Imaging and Printing System 1.7.4A
• HP Linux Imaging and Printing System 2.7.1
• HP Linux Imaging and Printing System 2.7.2
• HP Linux Imaging and Printing System 2.7.4
• HP Linux Imaging and Printing System 2.7.6
• HP Linux Imaging and Printing System 2.7.6-1.Patch
• HP Linux Imaging and Printing System 2.7.7
• HP Linux Imaging and Printing System 2.7.9
• Mandriva Corporate Server 4.0
• Mandriva Corporate Server 4.0.0 X86 64
• Mandriva Linux Mandrake 2007.0
• Mandriva Linux Mandrake 2007.0 X86 64
• Mandriva Linux Mandrake 2007.1
• Mandriva Linux Mandrake 2007.1 X86 64
• Mandriva Linux Mandrake 2008.0
• Mandriva Linux Mandrake 2008.0 X86 64
• Red Hat Enterprise Linux 5 Server
• Red Hat Enterprise Linux Desktop 5 Client
• Red Hat Fedora Core7
• SuSE Linux 10.0
• SuSE Linux 10.1
• SuSE Linux 10.2
• SuSE Linux 10.3
• SuSE SUSE Linux Enterprise Desktop 10
• Ubuntu Ubuntu Linux 6.10 Amd64
• Ubuntu Ubuntu Linux 6.10 I386
• Ubuntu Ubuntu Linux 6.10 Powerpc
• Ubuntu Ubuntu Linux 6.10 Sparc
• Ubuntu Ubuntu Linux 7.04 Amd64
• Ubuntu Ubuntu Linux 7.04 I386
• Ubuntu Ubuntu Linux 7.04 Powerpc
• Ubuntu Ubuntu Linux 7.04 Sparc

References

• BugTraq: 26054
• CVE: CVE-2007-5208
• URL: http://www.frsirt.com/english/advisories/2007/3479