S.u.S.E. Support Data Base
Title: The printer daemon in packet lprold has a security hole

Mainpage
Searchform
History
Versions
Categories
Contents
Deutsch
The printer daemon in packet lprold has a security hole
Applicable to
S.u.S.E. version: 4.2, 4.3, 4.4 (1st edition)
Symptom:
The printer spooler (lpr) in package lprold
has got a
security hole that allows normal users to reach root privileges.
Cause:
An internal buffer is too short and overruns.
Solution:
Take the new package from
ftp://ftp.suse.de/pub/suse43/lprold.tgz or switch to the
alternative printer spooler plp. This can be done as follows:
/sbin/init.d/lpd stop
Uninstall the package lprold and install the package plp with YaST
/sbin/init.d/lpd start

Keywords: SECURITY, PRINTER, LPR, LPD, LPROLD

Feedback welcome: Send Mail to fehr@suse.de (Please give the following subject: SDB-fehr_lpr_2
)

Mainpage
Searchform
History
Versions
Categories
Contents
Deutsch
SDB-fehr_lpr_2, Copyright S.u.S.E. GmbH, Fürth, Germany
Impressum - Last generated: 17. Sep 1997 12:56:23
by mb with sdb_gen 0.70.0