Date: Thu, 14 Dec 2000 22:31:11 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Chris Faulhaber <jedgar@fxp.org> Cc: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, desmo@bandwidth.org, freebsd-security@FreeBSD.ORG Subject: Re: LPRng remote root exploit (fwd) Message-ID: <20001214223111.D2040@citusc.usc.edu> In-Reply-To: <20001214205749.A48180@peitho.fxp.org>; from jedgar@fxp.org on Thu, Dec 14, 2000 at 08:57:49PM -0500 References: <200012150131.eBF1VPa05764@cwsys.cwsent.com> <20001214205749.A48180@peitho.fxp.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--IMjqdzrDRly81ofr Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 14, 2000 at 08:57:49PM -0500, Chris Faulhaber wrote: > On Thu, Dec 14, 2000 at 05:30:52PM -0800, Cy Schubert - ITSD Open Systems= Group wrote: > > This is just a heads up. > >=20 > > Anyone care to test this with our LPRng port? > >=20 > *snip* > >=20 > > LPRng-3.6.22/23/24 remote root exploit, enjoy. > >=20 > *snip* >=20 >=20 > It won't hurt to try, however, ports/sysutils/LPRng is > at 3.6.26, which is supposed to fix this problem. Yes, I believe so. See the advisory of a month or so ago. Kris --IMjqdzrDRly81ofr Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6ObqtWry0BWjoQKURAuF/AJ9cy9cp4Gb3dT8W4LwzBXO9Bm5LhgCg3gp8 4hyw7YzhZFETzdkVg8nA1OQ= =NHDD -----END PGP SIGNATURE----- --IMjqdzrDRly81ofr-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001214223111.D2040>