[3572] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Linux & BSD's lpr exploit

daemon@ATHENA.MIT.EDU (UDNet Security)
Fri Oct 25 18:12:51 1996

Date: 	Fri, 25 Oct 1996 13:33:30 -0500
Reply-To: UDNet Security <security@IEEE.UDISTRITAL.EDU.CO>
From: UDNet Security <security@IEEE.UDISTRITAL.EDU.CO>
X-To:         Vadim Kolontsov <vadim@tversu.ac.ru>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To:  <Pine.NEB.3.95.961025163139.5903B-100000@mailserv.tversu.ac.ru>

lpr bug was tested in linux 2.1.5 kernel .... Distribution Slackware 96

This configuration is vulnerable.

ieee:security~# uname -a
Linux ieee 2.1.5 #3 Sat Oct 19 13:34:54 EST 1986 i486
ieee:security~# ./lpr
bash# id
uid=(503)security gid=100(users) euid=0(root) egid=7(lp) groups=100(users)
bash#



Workaraound:
I do a chmod -s /usr/bin/lpr .. it works fine, but then users cannot
print;

The patch works fine too.


Gustavo Lozano.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3572] in bugtraq

Re: Linux & BSD's lpr exploit

daemon@ATHENA.MIT.EDU (UDNet Security)Fri Oct 25 18:12:51 1996

daemon@ATHENA.MIT.EDU (UDNet Security)
Fri Oct 25 18:12:51 1996