Gain root remotely : Buffer overflow in BSD in.lpd

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.11406

Categoría: Gain root remotely

Título: Buffer overflow in BSD in.lpd

Resumen: NOSUMMARY

Descripción: Description:

The remote bsd-lpd daemon might be vulnerable to a
buffer overflow when sent a too long file name
and then asked to show the print queue when the
file is being printed.

An attacker may use this flaw to gain a shell on
this host.

** Because of the conditions to positively check for
** this flaw are very hard to meet, this alert might be
** a false positive.

Affected systems : BSD/OS (up to 4.1), FreeBSD (up to 4.2),
NetBSD (up to 1.5.1), OpenBSD (up to 2.9),
SuSE Linux (up to 7.2), SCO Open Server (5.0.6)

Solution : Make sure you are running the latest version of the BSD line
printer daemon
Risk factor : High

Referencia Cruzada: BugTraq ID: 3252
Common Vulnerability Exposure (CVE) ID: CVE-2001-0670
http://www.securityfocus.com/bid/3252
Caldera Security Advisory: CSSA-2001-SCO.20
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.20.txt
http://www.cert.org/advisories/CA-2001-30.html
CERT/CC vulnerability note: VU#274043
http://www.kb.cert.org/vuls/id/274043
ISS Security Advisory: 20010829 Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon
http://xforce.iss.net/alerts/advise94.php
NETBSD Security Advisory: NetBSD-SA2001-018
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc
OpenBSD Security Advisory: 20010829
http://www.openbsd.com/errata28.html
http://www.redhat.com/support/errata/RHSA-2001-147.html
XForce ISS Database: bsd-lpd-bo(7046)
https://exchange.xforce.ibmcloud.com/vulnerabilities/7046
Common Vulnerability Exposure (CVE) ID: CVE-1999-0061
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0061
NAI Labs Security Advisory: NAI-20
XForce ISS Database: bsd-lpd

Copyright This script is Copyright (C) 2003 Renaud Deraison

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.11406
Categoría:	Gain root remotely
Título:	Buffer overflow in BSD in.lpd
Resumen:	NOSUMMARY
Descripción:	Description: The remote bsd-lpd daemon might be vulnerable to a buffer overflow when sent a too long file name and then asked to show the print queue when the file is being printed. An attacker may use this flaw to gain a shell on this host. Because of the conditions to positively check for this flaw are very hard to meet, this alert might be ** a false positive. Affected systems : BSD/OS (up to 4.1), FreeBSD (up to 4.2), NetBSD (up to 1.5.1), OpenBSD (up to 2.9), SuSE Linux (up to 7.2), SCO Open Server (5.0.6) Solution : Make sure you are running the latest version of the BSD line printer daemon Risk factor : High
Referencia Cruzada:	BugTraq ID: 3252 Common Vulnerability Exposure (CVE) ID: CVE-2001-0670 http://www.securityfocus.com/bid/3252 Caldera Security Advisory: CSSA-2001-SCO.20 ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.20.txt http://www.cert.org/advisories/CA-2001-30.html CERT/CC vulnerability note: VU#274043 http://www.kb.cert.org/vuls/id/274043 ISS Security Advisory: 20010829 Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon http://xforce.iss.net/alerts/advise94.php NETBSD Security Advisory: NetBSD-SA2001-018 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc OpenBSD Security Advisory: 20010829 http://www.openbsd.com/errata28.html http://www.redhat.com/support/errata/RHSA-2001-147.html XForce ISS Database: bsd-lpd-bo(7046) https://exchange.xforce.ibmcloud.com/vulnerabilities/7046 Common Vulnerability Exposure (CVE) ID: CVE-1999-0061 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0061 NAI Labs Security Advisory: NAI-20 XForce ISS Database: bsd-lpd
Copyright	This script is Copyright (C) 2003 Renaud Deraison