|Category:||Red Hat Local Security Checks|
|Title:||RedHat Security Advisory RHSA-2003:150|
The remote host is missing updates announced in
LPRng is a print spooler. LPRng includes a program, psbanner, that can be
used to produce Postscript banner pages to separate print jobs.
A vulnerability has been found in psbanner, which creates in an insecure
manner a temporary file with a known filename. An attacker could create a
symbolic link and cause arbitrary files to be written as the lp user.
Note: psbanner is not used by the default Red Hat Enterprise Linux LPRng
Users that have configured LPRng to use psbanner should install these
updated packages, which contain a patch so that psbanner does not create
the temporary file.
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
Risk factor : Medium
Common Vulnerability Exposure (CVE) ID: CVE-2003-0136|
Debian Security Information: DSA-285 (Google Search)
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.