Bugtraq mailing list archives
Re: Linux & BSD's lpr exploit
From: security () ieee udistrital edu co (UDNet Security)
Date: Fri, 25 Oct 1996 13:33:30 -0500
lpr bug was tested in linux 2.1.5 kernel .... Distribution Slackware 96 This configuration is vulnerable. ieee:security~# uname -a Linux ieee 2.1.5 #3 Sat Oct 19 13:34:54 EST 1986 i486 ieee:security~# ./lpr bash# id uid=(503)security gid=100(users) euid=0(root) egid=7(lp) groups=100(users) bash# Workaraound: I do a chmod -s /usr/bin/lpr .. it works fine, but then users cannot print; The patch works fine too. Gustavo Lozano.
Current thread:
- Ping problem patch page, (continued)
- Ping problem patch page Mike Bremford (Oct 21)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Henrik P Johnson (Oct 21)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Timothy Brown (Oct 21)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Tazman (Oct 22)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Tom Guptill (Oct 22)
- Re: BoS: Urgent !! Serious Linux Security Bug.... David O'Brien (Oct 25)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Alan Cox (Oct 25)
- Re[2]: BoS: Urgent !! Serious Linux Security Bug.... Mike Bremford (Oct 25)
- Linux & BSD's lpr exploit Vadim Kolontsov (Oct 25)
- Re: Linux & BSD's lpr exploit David Holland (Oct 25)
- Re: Linux & BSD's lpr exploit UDNet Security (Oct 25)
- Re: Linux & BSD's lpr exploit Capitan (Oct 30)
- Re: BoS: Urgent !! Serious Linux Security Bug.... David O'Brien (Oct 25)