http://www.theregister.co.uk/content/55/22694.html By Thomas C Greene in Washington Posted: 07/11/2001 at 07:24 GMT So many vulnerabilities affecting the lpd (line printer daemon) have come to light in recent months that CERT/CC has issued a compendium advisory urging all users and admins to review their system configurations and patch status http://www.cert.org/advisories/CA-2001-30.html "All of these vulnerabilities can be exploited remotely. In most cases, they allow an intruder to execute arbitrary code with the privileges of the lpd server," CERT explains. A table provided in the above advisory references systems with their correponding individual advisory. Affected systems include: -- BSDi BSD/OS Version 4.1 and earlier -- Debian GNU/Linux 2.1 and 2.1r4 -- FreeBSD All released versions FreeBSD 4.x, 3.x, FreeBSD 4.3-STABLE, 3.5.1-STABLE prior to the correction date -- Hewlett-Packard HP9000 Series 700/800 running HP-UX releases 10.01, 10.10, 10.20, 11.00, and 11.11 -- IBM AIX Versions 4.3 and AIX 5.1 -- Mandrake Linux Versions 6.0, 6.1, 7.0, 7.1 -- NetBSD 1.5.2 and earlier -- OpenBSD Version 2.9 and earlier -- Red Hat Linux 6.0 all architectures -- SCO OpenServer Version 5.0.6a and earlier -- SGI IRIX 6.5-6.5.13 -- Sun Solaris 8 and earlier -- SuSE Linux Versions 6.1, 6.2, 6.3, 6.4, 7.0, 7.1, 7.2 Quite a list -- no doubt soon to be framed on Bill Gates' office wall. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Nov 07 2001 - 04:10:12 PST