HP recommends upgrading to a later version of the jetadmin software, available at http://www.hp.com/go/support, in the Network Printing section. Posts to Bugtraq suggested changing line 17 to set more restrictive permissions. However, the potential still exists for a powerful denial of service should this be the option selected.
A vulnerability exists in HP's JetAdmin Rev. D.01.09 software. Due to its failure to check if it is following a symbolic link, it is possible for an attacker to create a link from /tmp/jetadmin.log to anywhere on the filesystem, with permissions for reading and writing by everyone on the system. This can be used to gain root access.
The problem lies in the checking and creation of the log file. The following snippit is from /opt/hpnp/admin/jetadmin.
if [ ! -f "$LOG" ]
chmod 666 $LOG
If the log file does not exist, the jetadmin script will create it, and change its permissions to 666. It does not check if the file is a symbolic link.
ln -sf /.rhosts /tmp/jetadmin.log