Date: Thu, 27 Mar 1997 09:48:29 +1100 (EST)
From: proff@suburbia.net
To: security@freebsd.org
Subject: Re: FreeBSD-SA-97:02: Buffer overflow in lpd
Message-ID: <19970326224830.6053.qmail@suburbia.net>
In-Reply-To: <E0wA0Nz-0005pU-00@rover.village.org> from FreeBSD Security Officer at "Mar 26, 97 02:37:35 pm"

-- Start of PGP signed section.
> =============================================================================
> FreeBSD-SA-97:02                                            Security Advisory
>                                                                 FreeBSD, Inc.
>
> Topic:          Buffer overflow in lpd
>
> Category:       core
> Module:         lpd
> Announced:      1997-03-xxx
> Affects:        FreeBSD 2.1.7 and earlier and FreeBSD 2.2 snapshots
>                 before 1997/02/25 suffer from this problem.
> Corrected:      FreeBSD-current as of 1997/02/25
>                 FreeBSD 2.2 as of 1997/02/25
> FreeBSD only:   yes
>
> Patches:        ftp://freebsd.org/pub/CERT/patches/SA-97:02/
>
> =============================================================================
>
> I.   Background
>
>      The lpd program is used to print local and remote print jobs.  It
>      is standard software in the FreeBSD operating system.
>
> II.  Problem Description
>
>      The lpd program runs as root.  A remote attacker can exploit a
>      buffer overflow to obtain root privs.
>
> III. Impact
>
>      Remote users can gain root privs.
>

Writing exploit code using only alpha-numeric characters, "." and "-"
might be an interesting challenge.

--
Prof. Julian Assange  |If you want to build a ship, don't drum up people
                      |together to collect wood and don't assign them tasks
proff@suburbia.net    |and work, but rather teach them to long for the endless
proff@gnu.ai.mit.edu  |immensity of the sea. -- Antoine de Saint Exupery