Oracle Solaris Third-Party Patch Update : foomatic (multiple_vulnerabilities_in_foomatic)
Medium Nessus Plugin ID 80613
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file. (CVE-2011-2697)
- foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697. (CVE-2011-2964)
SolutionUpgrade to Solaris 11/11 SRU 8.5.