[UNIX] Remote Buffer Overflow Vulnerability in HP-UX Line Printer Daemon
From: support@securiteam.comDate: 08/30/01
- Previous message: support@securiteam.com: "[NT] Outlook Express 6 Attachment Protection Bypassing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Subject: [UNIX] Remote Buffer Overflow Vulnerability in HP-UX Line Printer Daemon Message-Id: <20010830213809.10139138BF@mail.der-keiler.de> Date: Thu, 30 Aug 2001 23:38:09 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Remote Buffer Overflow Vulnerability in HP-UX Line Printer Daemon
------------------------------------------------------------------------
SUMMARY
Internet Security Systems (ISS) X-Force has discovered a buffer overflow
in the HP-UX line printer daemon (rlpdaemon). The rlpdaemon service
contains a buffer overflow that may allow a remote or local attacker to
execute arbitrary code with superuser privilege.
DETAILS
Vulnerable systems:
HP-UX 10.01
HP-UX 10.10
HP-UX 10.20
HP-UX 11.00
HP-UX 11.11
HP-UX is shipped with a line printer daemon adapted from BSD Unix. Many
commercial and open-source operating systems are adapted from BSD Unix.
The HP line printer daemon is similar to "in.lpd" in other UNIX variants.
The Line Printer Daemon is used to allow heterogeneous UNIX environments
to share printers over a network.
A buffer overflow exists in rlpdaemon that may allow remote attackers to
send a specially crafted print request to crash the service, or execute
arbitrary code with superuser privilege on the target system. The
vulnerability is particularly serious because rlpdaemon is installed and
configured by default and is active even if it is not being used. No local
account or knowledge of the configuration on the target system is needed
to successfully exploit this vulnerability.
Recommendations:
ISS X-Force recommends that all administrators who have not implemented
network printing should immediately disable rlpdaemon, as well as any
other unused services. HP has made the following patches available to
address the vulnerability described in this advisory:
10.01 PHCO_24697
10.10 PHCO_24698
10.20 PHCO_24699
11.00 PHCO_24700
11.11 PHCO_24701
To access these patches, visit the following address:
<http://us-support.external.hp.com> http://us-support.external.hp.com
ISS X-Force will provide detection and assessment support for these
vulnerabilities in upcoming X-Press Updates for RealSecure Network Sensor
and Internet Scanner.
ADDITIONAL INFORMATION
The information has been provided by <mailto:xforce@iss.net> X-Force.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[NT] Outlook Express 6 Attachment Protection Bypassing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
