[3568] in bugtraq
Re: Linux & BSD's lpr exploit
daemon@ATHENA.MIT.EDU (Theo de Raadt)
Fri Oct 25 14:17:43 1996
Date: Fri, 25 Oct 1996 10:45:19 -0600
Reply-To: Theo de Raadt <deraadt@cvs.openbsd.org>
From: Theo de Raadt <deraadt@cvs.openbsd.org>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
> there is a bug in berkeley-derived lpr, which allows attacker to get
>root access (see freebsd-security for details). Here is exploit for Linux
>(tested on 2.0.20), for BSD (tested on FreeBSD 2.1) and a patch.
OpenBSD is not vulnerable. This was found and fixed in mid-August.
