security issue with lpd (fwd)

From: Jose Nazario (joseat_private)
Date: Mon Dec 03 2001 - 21:26:55 PST

    of interest to folks here.
    
    ____________________________
    jose nazario                                                 joseat_private
          PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
          PGP key ID 0xFD37F4E5 (pgp.mit.edu)
    
    ---------- Forwarded message ----------
    Date: Mon, 03 Dec 2001 20:52:40 -0700
    From: Todd C. Miller <Todd.Millerat_private>
    To: security-announceat_private
    Subject: security issue with lpd
    
    A security issue exists with lpd (the line printer daemon) that may
    allow an attacker to create arbitrary new files in the root directory.
    Only machines with line printer access (i.e., listed in either
    /etc/hosts.lpd or /etc/hosts.equiv) may be used to mount an attack,
    and the attacker must have root access on the machine.
    OpenBSD does not start lpd in the default installation.
    
    This problem is fixed in OpenBSD-current, the 3.0 patch branch (aka
    3.0-stable) and the 2.9 branch (aka 2.9-stable).
    
    A patch exists to fix the problem:
    
    For OpenBSD-2.9 (as well as OpenBSD-2.8):
        ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/017_lpd.patch
    
    For OpenBSD-3.0
        ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/008_lpd.patch
    
    Credit for finding this bug (and the corresponding patch) goes
    to Sebastian Krahmer of SuSE.
    
     - todd
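
The advisory limits the attack to hosts granted line printer access through /etc/hosts.lpd or /etc/hosts.equiv. As an added audit helper, not part of the advisory or of OpenBSD's own code, this POSIX sh script lists which hosts those two files trust and classifies the exposure; the function names, the temporary sample trust files and the .example.test hostnames are constructed for the demonstration.

```shell
#!/bin/sh
# Added audit helper (not from the OpenBSD advisory): enumerate the hosts that
# hosts.lpd and hosts.equiv grant printer access to, since only those hosts
# can reach the lpd bug described above.  File paths are parameters so that
# constructed sample files can be checked offline.

# lpd_trusted_hosts HOSTS_LPD HOSTS_EQUIV
# Prints one trusted host per line.  hosts.equiv lines may carry a user
# field; only the host field matters for lpd.  Comments, blank lines and
# "-host" deny entries are dropped.  A bare "+" means "every host".
lpd_trusted_hosts() {
    for f in "$1" "$2"; do
        [ -r "$f" ] || continue
        sed -e 's/#.*//' "$f" | awk 'NF > 0 && $1 !~ /^-/ { print $1 }'
    done | sort -u
}

# lpd_exposure_level HOSTS_LPD HOSTS_EQUIV
# "open"       : a "+" wildcard trusts every host (worst case)
# "restricted" : only named hosts are trusted
# "none"       : neither file trusts anyone (or both are absent)
lpd_exposure_level() {
    hosts=$(lpd_trusted_hosts "$1" "$2")
    if printf '%s\n' "$hosts" | grep -qx '+'; then
        echo open
    elif [ -n "$hosts" ]; then
        echo restricted
    else
        echo none
    fi
}

# lpd_is_running: succeeds when an lpd process exists on this machine.
# OpenBSD does not start lpd by default, so failure is the expected result.
lpd_is_running() {
    pgrep -x lpd >/dev/null 2>&1
}

# Demonstration on constructed sample files (not real trust lists).
demo_dir=$(mktemp -d)
printf 'printclient.example.test\n# comment\n\n' > "$demo_dir/hosts.lpd"
printf '+\n-denied.example.test\nadmin.example.test alice\n' > "$demo_dir/hosts.equiv"
echo "trusted hosts:"
lpd_trusted_hosts "$demo_dir/hosts.lpd" "$demo_dir/hosts.equiv"
echo "exposure: $(lpd_exposure_level "$demo_dir/hosts.lpd" "$demo_dir/hosts.equiv")"
rm -rf "$demo_dir"
```

Run it against the real /etc/hosts.lpd and /etc/hosts.equiv on a host where lpd_is_running succeeds; an "open" result means any machine that can reach the printer port satisfies the advisory's first precondition.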
    
    This archive was generated by hypermail 2b30 : Tue Dec 04 2001 - 12:01:55 PST