Local File Deletion Vulnerability in HPLIP by HP
CVE-2012-6108

Currently unrated

Key Information:

Vendor: HP
Status: Linux Imaging And Printing Project
Vendor: CVE Published:; 15 February 2014

What is CVE-2012-6108?

HP Linux Imaging and Printing (HPLIP) prior to version 3.13.2 has a vulnerability related to world-writable permissions on the /var/log/hp and /var/log/hp/tmp directories. This misconfiguration allows local users to manipulate and delete log files, potentially compromising the integrity of log data and affecting system diagnostics. Organizations using outdated versions of HPLIP should consider updating to enhance their security posture.

References

https://bugzilla.redhat.com/show_bug.cgi?id=894283

x_refsource_CONFIRM

https://bugs.launchpad.net/hplip/+bug/1016507/comments/6

x_refsource_CONFIRM

http://sourceforge.net/projects/hplip/files/hplip/3.13.2/...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 15, 2014
Vulnerability Reserved
Dec 6, 2012