Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1996_4

Bugtraq archives for 4th quarter (Oct-Dec) 1996: Re: Linux & BSD's lpr exploit

Re: Linux & BSD's lpr exploit

Theo de Raadt (deraadtcvs.openbsd.org)
Fri, 25 Oct 1996 10:45:19 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Cox: "Re: BoS: Urgent !! Serious Linux Security Bug...."
Previous message: David O'Brien: "BoS: Urgent !! Serious Linux Security Bug...."
Maybe in reply to: Vadim Kolontsov: "Linux & BSD's lpr exploit"
Next in thread: Scriptors of DOOM: "Re: Linux & BSD's lpr exploit"

>  there is a bug in berkeley-derived lpr, which allows attacker to get
>root access (see freebsd-security for details). Here is exploit for Linux
>(tested on 2.0.20), for BSD (tested on FreeBSD 2.1) and a patch.

OpenBSD is not vulnerable.  This was found and fixed in mid-August.

Next message: Alan Cox: "Re: BoS: Urgent !! Serious Linux Security Bug...."
Previous message: David O'Brien: "BoS: Urgent !! Serious Linux Security Bug...."
Maybe in reply to: Vadim Kolontsov: "Linux & BSD's lpr exploit"
Next in thread: Scriptors of DOOM: "Re: Linux & BSD's lpr exploit"