FreeBSD : hplip -- hpssd Denial of Service (37940643-be1b-11dd-a578-0030843d3802)

High Nessus Plugin ID 34977


The remote FreeBSD host is missing a security-related update.


Secunia reports :

A security issue has been reported in hplip, which can be exploited by malicious, local users to cause a DoS.

The security issue is caused due to an error within when parsing certain requests. This can be exploited to crash the service by sending specially crafted requests to the default port 2207/TCP.


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 34977

File Name: freebsd_pkg_37940643be1b11dda5780030843d3802.nasl

Version: $Revision: 1.17 $

Type: local

Published: 2008/12/01

Modified: 2016/12/08

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:hplip, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2008/11/29

Vulnerability Publication Date: 2008/08/14

Reference Information

CVE: CVE-2008-2940, CVE-2008-2941

BID: 30683

Secunia: 31470

CWE: 20, 264