hplip is vulnerable to a Denial-Of-Service-Attack via it's listener port.
Description =========== The problem is due to a flaw in the request parsing routines. To reproduce: ============= $telnet 127.0.0.1 2207 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. msg=0 Connection closed by foreign host. Impact ====== <mschoene> afterwards hpssd is down <mschoene> will file another bug for it <twaugh> Yes, happens on RHEL-5.2 RC1 too
Created attachment 312881 [details] hplip-parse-crash.patch The parser is very fragile in a lot of places. This patch fixes up all the delicate bits I could find.
Lifting embargo
This issue was addressed in: Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2008-0818.html