This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Kees Cook discovered a flaw in the way the hplip hpssd daemon handled
user input. A local attacker could send a specially crafted request to
the hpssd daemon, possibly allowing them to run arbitrary commands as
the root user. (CVE-2007-5208). On Scientific Linux 5, the SELinux
targeted policy for hpssd which is enabled by default, blocks the
ability to exploit this issue to run arbitrary code.
See also :
Update the affected hpijs, hplip and / or libsane-hpaio packages.
Risk factor :
High / CVSS Base Score : 7.6
Public Exploit Available : true
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60266 ()
CVE ID: CVE-2007-5208