[4220] in bugtraq
There are more loopholes in LPD
daemon@ATHENA.MIT.EDU (Patrick Powell)
Fri Mar 28 18:30:46 1997
Date: Fri, 28 Mar 1997 14:29:59 -0800
Reply-To: Patrick Powell <papowell@DICKORY.SDSU.EDU>
From: Patrick Powell <papowell@DICKORY.SDSU.EDU>
To: BUGTRAQ@NETSPACE.ORG
There are a vast number of loopholes in the original LPD code, which
is one of the reasons for the developement of LPRng. I have repeatedly
warned about this code; rather than try to pick holes in the existing
software, I rewrote the entire code with security in mind. Note that
LPRng now supports Kerberos and PGP authentication, and can transfer
encrypted job files.
The stable release of LPRng is now LPRng-3.2.1 - this should work
for most sites who are not pushing the envelope on throughput, etc.
The software may be obtained from
ftp://dickory.sdsu.edu/pub/LPRng (Main site)
ftp://ftp.iona.ie/pub/plp/LPRng
ftp://ftp.cs.umn.edu/pub/plp/LPRng
ftp://gwynne.cs.ualberta.ca/pub/LPRng
ftp://ftp.informatik.uni-hamburg.de/pub/os/unix/utils/plp/LPRng
ftp://ftp.uni-paderborn.de/pub/unix/printer/plp/LPRng
ftp://ftp.beckman.uiuc.edu/pub/plp/LPRng
ftp://ftp.zod.wau.nl/pub/mirror/plp/LPRng
ftp://ftp.lps.ens.fr/pub/software/plp/LPRng
To join the LPRng/PLP mailing list, please send mail to
lprng-request@iona.ie
with the word 'subscribe' in the BODY
Patrick Powell
