15 lines
No EOL
861 B
Text
15 lines
No EOL
861 B
Text
source: https://www.securityfocus.com/bid/3274/info
|
|
|
|
The print protocol daemon, 'in.lpd' (or 'lpd'), shipped with Solaris may allow for remote attackers to execute arbitrary commands on target hosts with superuser privileges.
|
|
|
|
The alleged vulnerability is not the buffer overflow discovered by ISS.
|
|
|
|
It has been reported that it is possible to execute commands on target hosts through lpd by manipulating the use of sendmail by the daemon.
|
|
|
|
If this vulnerability is successfully exploited, remote attackers can execute any command on the target host with superuser privileges.
|
|
|
|
This vulnerability is very similar to one mentioned in NAI advisory NAI-0020.
|
|
|
|
NOTE: It has been reported that a valid printer does NOT need to be configured to exploit this vulnerability.
|
|
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21097.tar.gz |