[yellowdog-security] SECURITY: lpr


Subject: [yellowdog-security] SECURITY: lpr
From: Dan Burcaw (dburcaw@terraplex.com)
Date: Mon Oct 18 1999 - 16:54:16 MDT


The Yellow Dog Linux Security Team has just released an update to the lpr
package (a utility that manages print jobs).

Package: lpr
Date: October 18, 1999
Problem:
By exploiting a race between the access check and the actual file opening,
it is potentially possible to have lpr read a file as root that the user
does not have access to. Also, the lpd program would blindly open queue files
as root; by use of the '-s' flag to lpr, it was possible to have lpd print
files that the user could not access.
                             
Thanks go to Tymm Twillman for pointing out these vulnerabilities.
                             
Urgency: MEDIUM
Solution: rpm -Uvh
ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.1/RPMS/lpr-0.43-2a.ppc.rpm

For more information, see our Updates and Errata page at:
http://www.yellowdoglinux.com/resources/errata.shtml

Yellow Dog Linux Security Team
Terra Soft Solutions, Inc.
security@yellowdoglinux.com
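
The race described under "Problem" above, shown as an added example; this is not code from the lpr package or from the Yellow Dog update. The function names are hypothetical. It sets the check-then-open pattern beside one common hardening, which is to perform the open() itself under the invoking user's ids so that the permission check and the open are a single kernel operation.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* "Before" pattern: two separate lookups of one name. access() answers for
 * the real uid; open() then runs with the effective uid (root in a
 * setuid-root program). The name can refer to another file in between. */
int open_check_then_use(const char *path)
{
    if (access(path, R_OK) != 0)
        return -1;
    return open(path, O_RDONLY);
}

/* Hardened pattern: open with the invoker's ids, so the kernel decides
 * access on the very object it opens. Returns an fd, or -1 with errno set. */
int open_as_invoker(const char *path)
{
    uid_t saved_euid = geteuid();
    gid_t saved_egid = getegid();
    int fd, open_errno;

    /* Group first: changing it may still need the privileged euid. */
    if (setegid(getgid()) != 0)
        return -1;
    if (seteuid(getuid()) != 0) {
        if (setegid(saved_egid) != 0) abort();
        return -1;
    }
    fd = open(path, O_RDONLY);
    open_errno = errno;
    /* Restore in reverse order; never continue with half-switched ids. */
    if (seteuid(saved_euid) != 0 || setegid(saved_egid) != 0)
        abort();
    errno = open_errno;
    return fd;
}

int main(int argc, char **argv)
{
    int fd = argc > 1 ? open_as_invoker(argv[1]) : -1;
    printf("%s\n", fd >= 0 ? "opened as invoking user" : "not opened");
    return fd >= 0 ? 0 : 1;
}
```

In a program that is not setuid, both functions behave the same, because the real and effective ids are already equal; the difference only appears when the effective uid is more privileged than the real one.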


