[6553] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Nasty security hole in "lprm"

daemon@ATHENA.MIT.EDU (Ross Harvey)
Mon Apr 20 18:17:26 1998

Date: 	Mon, 20 Apr 1998 11:29:57 -0700
Reply-To: Ross Harvey <ross@TERAFLOP.COM>
From: Ross Harvey <ross@TERAFLOP.COM>
X-To:         raymond@THRIJSWIJK.NL
To: BUGTRAQ@NETSPACE.ORG

> > I've found a local->root compromise in the lprm program, as shipped
> > RedHat4.2 and RedHat5.0. Other systems untested.
>
> ...yes OpenBSD fixed it long ago.

NetBSD incorporated the fixed-up BSD lpr system over six months ago,
and the fixed-up version is in the NetBSD 1.3 release.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[6553] in bugtraq

Re: Nasty security hole in "lprm"

daemon@ATHENA.MIT.EDU (Ross Harvey)Mon Apr 20 18:17:26 1998

daemon@ATHENA.MIT.EDU (Ross Harvey)
Mon Apr 20 18:17:26 1998