Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Linux & BSD's lpr exploit

From: sopwith () cuc edu (Elliot Lee)
Date: Thu, 31 Oct 1996 19:55:48 -0500

On Wed, 30 Oct 1996, Capitan wrote:


I tried to use the lpr exploit on my machine which runs Redhat 4.0.
It says "lpr: lp: unknown printer".  It is setuid.  I was wondering if you
could set lp so that the program would work.  You could do it by
enviroment variable, but what would you set it to if there isn't a printer
for the machine.  Is it just not possible for the bug to work on Redhat
4.0?  I would hate for one of my users to find a way to exploit it after i
thought it was safe.   My kernel version is 2.0.23, but I'm going to
upgrade it to 2.0.24 tonight.


There is an update out for lpr - run the following command as root,
and stop and start lpr, to fix:
rpm -Uvh \
ftp://ftp.redhat.com/pub/redhat/redhat-4.0/updates/i386/lpr-0.12-1.i386.rpm

Personally I think the world should start using LPRng (which doesn't need
things to be setUID at all, and is more secure in other aspects as well)
but again, that's just my opinion :)

-- Elliot

A: "Talk about stupidity!"
B: "Who, you?"
A: "No, me!"
Previous By Date Next
Previous By Thread Next

Current thread: