Security Advisory

Carl Parrish plug-discuss@lists.PLUG.phoenix.az.us
Wed, 07 Nov 2001 16:38:57 -0700


I'm still behind on my email so I don't know if this went out already 
today or not.

Carl P.

----- Forwarded message from CERT Advisory <cert-advisory@cert.org> -----

CERT Advisory CA-2001-30 Multiple Vulnerabilities in lpd

    Original release date: November 05, 2001
    Last revised: --
    Source: CERT/CC

    A complete revision history can be found at the end of this file.

Systems Affected

      * BSDi BSD/OS Version 4.1 and earlier
      * Debian GNU/Linux 2.1 and 2.1r4
      * FreeBSD   All   released   versions   FreeBSD  4.x,  3.x,  FreeBSD
        4.3-STABLE, 3.5.1-STABLE prior to the correction date
      * Hewlett-Packard  HP9000  Series  700/800  running  HP-UX  releases
        10.01, 10.10, 10.20, 11.00, and 11.11
      * IBM AIX Versions 4.3 and AIX 5.1
      * Mandrake Linux Versions 6.0, 6.1, 7.0, 7.1
      * NetBSD 1.5.2 and earlier
      * OpenBSD Version 2.9 and earlier
      * Red Hat Linux 6.0 all architectures
      * SCO OpenServer Version 5.0.6a and earlier
      * SGI IRIX 6.5-6.5.13
      * Sun Solaris 8 and earlier
      * SuSE Linux Versions 6.1, 6.2, 6.3, 6.4, 7.0, 7.1, 7.2

Overview

    There  are  multiple vulnerabilities in several implementations of the
    line  printer  daemon  (lpd).  The line printer daemon enables various
    clients to share printers over a network. Review your configuration to
    be  sure  you have applied all relevant patches. We also encourage you
    to restrict access to the lpd service to only authorized users.

<snip>

II. Impact

    All of these vulnerabilities can be exploited remotely. In most cases,
    they  allow  an intruder to execute arbitrary code with the privileges
    of  the  lpd  server. In some cases, an intruder must have access to a
    machine  listed  in  /etc/hosts.equiv  or  /etc/hosts.lpd, and in some
    cases, an intruder must be able to control a nameserver.

<snip>


III. Solution

Apply a patch from your vendor

<snip>

______________________________________________________________________

    This document is available from:
    http://www.cert.org/advisories/CA-2001-30.html
______________________________________________________________________