[22458] in bugtraq
Re: ISS Advisory: Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon
daemon@ATHENA.MIT.EDU (Emre Yildirim)
Wed Aug 29 20:17:01 2001
Message-ID: <3B8D8439.5010700@sgi.asper.org>
Date: Wed, 29 Aug 2001 19:09:29 -0500
From: Emre Yildirim <emre@asper.org>
MIME-Version: 1.0
To: X-Force <xforce@iss.net>, bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Force wrote:
> The line printer must be enabled and configured for attackers to exploit
> this vulnerability. FreeBSD and OpenBSD do not enable in.lpd by
> default. BSD/OS line printer daemon is running by default, but with an
> empty configuration file.
Hmm NetBSD doesn't seem to have it running by default either.
Everything in /etc/printcap is commented out as well.
--
Emre Yildirim <emre@asper.org>
GPG KeyID 0xF9E4A1D1 (keyserver.pgp.com)
