Bugtraq mailing list archives
Re: Linux & BSD's lpr exploit
From: sopwith () cuc edu (Elliot Lee)
Date: Thu, 31 Oct 1996 19:55:48 -0500
On Wed, 30 Oct 1996, Capitan wrote:
I tried to use the lpr exploit on my machine which runs Redhat 4.0. It says "lpr: lp: unknown printer". It is setuid. I was wondering if you could set lp so that the program would work. You could do it by enviroment variable, but what would you set it to if there isn't a printer for the machine. Is it just not possible for the bug to work on Redhat 4.0? I would hate for one of my users to find a way to exploit it after i thought it was safe. My kernel version is 2.0.23, but I'm going to upgrade it to 2.0.24 tonight.
There is an update out for lpr - run the following command as root, and stop and start lpr, to fix: rpm -Uvh \ ftp://ftp.redhat.com/pub/redhat/redhat-4.0/updates/i386/lpr-0.12-1.i386.rpm Personally I think the world should start using LPRng (which doesn't need things to be setUID at all, and is more secure in other aspects as well) but again, that's just my opinion :) -- Elliot A: "Talk about stupidity!" B: "Who, you?" A: "No, me!"
Current thread:
- Re: Linux & BSD's lpr exploit Elliot Lee (Oct 31)
- <Possible follow-ups>
- Re: Linux & BSD's lpr exploit Scriptors of DOOM (Nov 02)