Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2010-4267

Published: 20 January 2011

Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.

Notes

AuthorNote
mdeslaur
code doesn't seem present in dapper

Priority

Medium

Status

Package Release Status
hplip
Launchpad, Ubuntu, Debian
upstream Needs triage

dapper Not vulnerable
(0.9.7-4ubuntu1.1)
hardy
Released (2.8.2-0ubuntu8.2)
karmic
Released (3.9.8-1ubuntu2.1)
lucid
Released (3.10.2-2ubuntu2.2)
maverick
Released (3.10.6-1ubuntu10.2)