CVE-2011-2722

Published: 25 May 2012

The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.

Priority

Status

Package	Release	Status
hplip Launchpad, Ubuntu, Debian	hardy	Ignored (end of life)
	lucid	Released (3.10.2-2ubuntu2.4)
	maverick	Ignored (end of life)
	natty	Ignored (end of life)
	oneiric	Ignored (end of life)
	precise	Not vulnerable (3.11.12-2)
	quantal	Not vulnerable (3.11.12-2)
	raring	Not vulnerable (3.11.12-2)
	upstream	Released (3.11.10-1)

References

http://www.openwall.com/lists/oss-security/2011/07/26/4
https://ubuntu.com/security/notices/USN-1981-1
https://www.cve.org/CVERecord?id=CVE-2011-2722
NVD
Launchpad
Debian

Bugs

https://bugs.launchpad.net/hplip/+bug/809904
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2722
https://bugzilla.novell.com/show_bug.cgi?id=704608

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›