Date: Wed, 30 Oct 1996 09:23:44 -0600 (CST) From: "S(pork)" <spork@super-g.com> To: freebsd-questions@freebsd.org Subject: lpr hole Message-ID: <Pine.LNX.3.92.961030091845.12397A-100000@super-g.inch.com>
next in thread | raw e-mail | index | archive | help
Hi, I recently found an exploit for lpr that will allow root access by anyone with an account on the system. As far as I know, this affects all FBSD. A temp fix is to chmod -s it, but I wonder if anyone has a patch for this. The exploit itself has been around for a while, but it seems to be resurfacing (as they always do) and coming into vogue... From what I gather it's some sort of race/overflow thing that makes lpr make you a nice little root owned SUID shell. I also have a few other little things I've found; is there any sort of security related list/archive for FBSD? CERT is so ridiculously behind on these things it's not even funny. Curious about security, Charles
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.92.961030091845.12397A-100000>