CVE-2010-4267

Published: 20/01/2011 Updated: 17/08/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.

Vulnerable Product

hp linux imaging and printing project 3.10.9

hp linux imaging and printing project 1.6.7

hp linux imaging and printing project 3.9.8

Vendor Advisories

Debian Bug report logs - #610960 CVE-2010-4267: Buffer overflow Package: hplip; Maintainer for hplip is Debian Printing Team <debian-printing@lists.debian.org>; Source for hplip is src:hplip Reported by: Moritz Muehlenhoff <muehlenhoff@univention.de> Date: Mon, 24 Jan 2011 12:33:01 UTC Severity ...
Sebastian Krahmer discovered that HPLIP incorrectly handled certain long SNMP responses. A remote attacker could send malicious SNMP replies to certain HPLIP tools and cause them to crash or possibly execute arbitrary code ...
Sebastian Krahmer discovered a buffer overflow in the SNMP discovery code of the HP Linux Printing and Imaging System, which could result in the execution of arbitrary code. For the stable distribution (lenny), this problem has been fixed in version 286b-4+lenny1. For the testing distribution (squeeze), this problem has been fixed in version 31 ...