Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : hplip vulnerability (USN-2699-1)
Medium Nessus Plugin ID 85157
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionEnrico Zini discovered that HPLIP used a short GPG key ID when downloading keys from the keyserver. An attacker could possibly use this to return a different key with a duplicate short key id and perform a man-in-the-middle attack on printer plugin installations.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected hplip-data package.