CVE-2013-6427

Publication date 9 December 2013

Last updated 24 July 2024

upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
hplip	13.10 saucy	Fixed 3.13.9-1ubuntu0.1
	13.04 raring	Ignored end of life
	12.10 quantal	Fixed 3.12.6-3ubuntu4.3
	12.04 LTS precise	Not affected
	10.04 LTS lucid	Not affected

How can I get the fixes?
What do statuses mean?

Notes

mdeslaur

Precise and earlier don't have the upgrade.py file. In Quantal, Raring, Saucy and Trusty, upgrade.py actually bails out because the specific ubuntu version isn't marked as "supported" in distros.dat, so even if this script is run as root, it doesn't do anything, thankfully.

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-2085-1
HPLIP vulnerabilities
21 January 2014

Other references

http://www.openwall.com/lists/oss-security/2013/12/05/2
https://www.cve.org/CVERecord?id=CVE-2013-6427