Vulnerability Development mailing list archives
Re: lpd exploit?
From: Ryan Yagatich <ryagatich () CSN1 COM>
Date: Fri, 1 Dec 2000 12:51:56 -0500
"root" 1) Cute e-mail address... since microsoft is primarily NT...... ;) 2) i agree with Dr. Altamo, yes there is a problem lpd, in fact, there have been many problems with lpd in redhat.... all which have been fixed. Here's some update info: LPR security - lpd Redhat 7.0: http://www.redhat.com/support/errata/RHSA-2000-065-06.html or on bugzilla: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=17756 <Quote from redhat.com> "2. Problem description: LPRng has a string format bug in the use_syslog function. This function returns user input in a string that is passed to the syslog() function as the format string. It is possible to corrupt the print daemon's execution with unexpected format specifiers, thus gaining root access to the computer. The vulnerability is theoretically exploitable both locally and remotely." </quote> If you don't feel like reading the short advisory, the patches are as follows: i386: ftp://updates.redhat.com/7.0/i386/LPRng-3.6.24-2.i386.rpm sources: ftp://updates.redhat.com/7.0/SRPMS/LPRng-3.6.24-2.src.rpm ryan
Current thread:
- lpd exploit? root (Dec 01)
- Re: lpd exploit? Olaf Kirch (Dec 02)
- Re: lpd exploit? Crist Clark (Dec 04)
- Re: lpd exploit? Mark (Dec 02)
- Re: lpd exploit? Jarno Huuskonen (Dec 04)
- Re: lpd exploit? Larry W. Cashdollar (Dec 04)
- Re: lpd exploit? Ron DuFresne (Dec 04)
- Re: lpd exploit? Ryan Yagatich (Dec 04)
- <Possible follow-ups>
- Re: lpd exploit? John (Dec 07)
- Re: lpd exploit? John (Dec 07)
- Re: lpd exploit? Ron DuFresne (Dec 08)
- Re: lpd exploit? Graeme Fowler (Dec 09)
- Re: lpd exploit? Theodor Ragnar Gislason (Dec 09)
- Re: lpd exploit? Graeme Fowler (Dec 09)
- Re: lpd exploit? Theodor Ragnar Gislason (Dec 09)
- Re: lpd exploit? WebFusion System Administrator (Dec 09)
- Re: lpd exploit? Ron DuFresne (Dec 10)
- Re: lpd exploit? Ron DuFresne (Dec 08)
- Re: lpd exploit? Ron DuFresne (Dec 10)
- Re: lpd exploit? Olaf Kirch (Dec 02)