Re: ISS Advisory: Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon

From: Emre Yildirim (emreat_private)
Date: Wed Aug 29 2001 - 17:09:29 PDT

Next message: Immunix Security Team: "ImmunixOS 7.0 update for xinetd"

Previous message: David Miller: "Security Advisory for Bugzilla v2.13 and older"
In reply to: X-Force: "ISS Advisory: Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon"
Next in thread: Keith Stevenson: "Re: ISS Advisory: Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

X-Force wrote:


> The line printer must be enabled and configured for attackers to exploit
> this vulnerability.  FreeBSD and OpenBSD do not enable in.lpd by
> default.  BSD/OS line printer daemon is running by default, but with an

 > empty configuration file.


Hmm NetBSD doesn't seem to have it running by default either.

Everything in /etc/printcap is commented out as well.



-- 
Emre Yildirim <emreat_private>
GPG KeyID 0xF9E4A1D1 (keyserver.pgp.com)

Next message: Immunix Security Team: "ImmunixOS 7.0 update for xinetd"
Previous message: David Miller: "Security Advisory for Bugzilla v2.13 and older"
In reply to: X-Force: "ISS Advisory: Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon"
Next in thread: Keith Stevenson: "Re: ISS Advisory: Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Aug 29 2001 - 17:16:04 PDT