hert.00001.solaris.lpstat
272dcee4474c7eef9810bc8273c33dcf
From acz@hert.org Wed Jan 27 13:20:05 1999
From: "Anthony C . Zboralski" <acz@hert.org>
To: alert@hert.org
Date: Wed, 27 Jan 1999 16:53:51 +0100
Subject: [HERT] Advisory #001 Buffer overflow in Solaris /usr/bin/lpstat
-----BEGIN PGP SIGNED MESSAGE-----
- -------------------------------------------------------------
HERT - Hacker Emergency Response Team
alert@hert.org - http://www.hert.org
Advisory: #00001
Title: lpstat
Date: 26 January 1999
Summary: Buffer overflow in Solaris /usr/bin/lpstat
System affected: Solaris 2.6, 2.6_x86, 2.7, 2.7_x86
IMPACT: Local users may obtain root priviledge.
- --------------------------------------------------------------
Copyright (C) 1999 Hacker Emergency Response Team
Permission is granted to reproduce and distribute HERT advisories in their
entirety, provided the HERT PGP signature is included and provided the alert is used for noncommercial purposes and with the intent of increasing the aware-
ness of the Internet community.
This advisory is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
1. Background:
The lpstat command prints information about the current
status of the LP print service.
On Solaris 2.6 and 2.7, /usr/bin/lpstat is suid root and we've found it
to be vulnerable to a buffer overflow.
Exploit code for this vulnerability is in circulation.
2. Affected Supported versions
Solaris versions: 2.7, 2.7_x86, 2.6, 2.6_x86
3. Recommendations
Temporary fix:
chmod -s /usr/bin/lpstat
chmod -s /usr/bin/lpq
Wait for Sun to issue a patch that will correct this problem.
To subscribe to the HERT Alert mailing list, email alert@hert.org
with subscribe in the body of the message.
Contact hert@hert.org for more information.
The HERT PGP public key is available at ftp://ftp.hert.org/pub/HERT_PGP.key
To report a vulnerability: http://www.hert.org/vul_reporting_form
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
iQCVAwUBNq82VbiV3oeHg1NdAQH9MAQAtEDQxHaDdlDNP/B8Bl785Y4nDidgJYyR
TZwJl/QD/0g/Q0IoX80muxw8fR2+XKnyq7qqhaI1EhC+1z0ScPjPWWOa12oKTKAG
hFGpLdq5WdVrmHf1X9b90ZD5ov9KIsDuVxSTpUv0dPCCvxfSJb4Zdbr2+lQDjks/
orxjIwo5jgY=
=NG0f
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to alert-request@hert.org
with "unsubscribe" in the body. Trouble? Contact listmaster@hert.org
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!