Vulnerability Development mailing list archives
Re: lpd exploit?
From: "Larry W. Cashdollar" <lwc () VAPID DHS ORG>
Date: Fri, 1 Dec 2000 11:07:42 -0800
Paranoia is good when it comes to computer security. And just because you have never seen it does not mean it does not exist. The lpd daemon is notorious for being insecure. A search on securityfocus.com will show you a few older exploits for it. I thought redhat 7.0 was using CUPS? On Thu, 30 Nov 2000, Mark wrote:
This is paranoia. By default, redhat 7 runs lpd as user 'lp', and I have never seen any exploits for this daemon. mark tort () dethbystereo com On Thu, 30 Nov 2000 root () MICROSOFT COM wrote:Not sure if this is true or not, but I thought I'd give a heads-up...
Current thread:
- lpd exploit? root (Dec 01)
- Re: lpd exploit? Olaf Kirch (Dec 02)
- Re: lpd exploit? Crist Clark (Dec 04)
- Re: lpd exploit? Mark (Dec 02)
- Re: lpd exploit? Jarno Huuskonen (Dec 04)
- Re: lpd exploit? Larry W. Cashdollar (Dec 04)
- Re: lpd exploit? Ron DuFresne (Dec 04)
- Re: lpd exploit? Ryan Yagatich (Dec 04)
- <Possible follow-ups>
- Re: lpd exploit? John (Dec 07)
- Re: lpd exploit? John (Dec 07)
- Re: lpd exploit? Ron DuFresne (Dec 08)
- Re: lpd exploit? Graeme Fowler (Dec 09)
- Re: lpd exploit? Theodor Ragnar Gislason (Dec 09)
- Re: lpd exploit? Graeme Fowler (Dec 09)
- Re: lpd exploit? Theodor Ragnar Gislason (Dec 09)
- Re: lpd exploit? WebFusion System Administrator (Dec 09)
- Re: lpd exploit? Ron DuFresne (Dec 08)
- Re: lpd exploit? Olaf Kirch (Dec 02)