11 lines
No EOL
749 B
Text
11 lines
No EOL
749 B
Text
source: https://www.securityfocus.com/bid/927/info
|
|
|
|
Multiple vulnerabilities have been discovered in lpd, shipped with various Linux and Unix distributions.
|
|
|
|
It has been reported that lpd fails to properly authenticate hostnames. This could allow an unauthenticated user to gain access to lpd services by supplying a spoofed hostname.
|
|
|
|
It is also possible for a local user to pass arguments to sendmail, through the vulnerable print daemon. This could allow an unauthorized user to execute commands with elevated privileges.
|
|
|
|
By exploiting multiple vulnerabilities in lpd, it may be possible for a remote attacker to gain root privileges on a target server.
|
|
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19722.tgz |