Bugtraq mailing list archives
[ Hackerslab bug_paper ] Linux printtool get printer password
From: dubhe () DUAT DHS ORG (Sheshep ankh Dubhe)
Date: Thu, 9 Mar 2000 04:43:43 +0900
[ Hackerslab bug_paper ] Linux printtool get printer password File: /usr/bin/printtool SYSTEM: Linux INFO: If make printer configuration by printtool package, It make vule config file. Config file perrmission is "-rw-r--r-- root root". If use samba network printer, password stored in config file. Tested platform : RedHat 6.1 - 6.2B printtool-3.41-2 printtool-3.42-3ac printtool-3.43-1 [dubhe@duat dubhe]$ ls -lsa /var/spool/lpd/lp/.config 1 -rw-r--r-- 1 root root 96 Mar 6 13:21 /var/spool/lpd/lp/.config [dubhe@duat dubhe]$ cat /var/spool/lpd/lp/.config share='\\xxxxx\HP' hostip=xxx.xxx.xxx.xxx user='username' password='1111' workgroup='xxxxxxxx' Now to fix ------------ chmod o-r /var/spool/lpd/lp/.config chgrp lp /var/spool/lpd/lp/.config - Kyong-won, Cho - e-mail: dubhe () hackerslab org dubhe () duat dhs org
Current thread:
- PGP Signatures security BUG! Povl H. Pedersen (Mar 07)
- Re: PGP Signatures security BUG! Tobias Haustein (Mar 08)
- Re: PGP Signatures security BUG! Werner Koch (Mar 08)
- RealServer exposes internal IP addresses tschweikle () FIDUCIA DE (Mar 08)
- Re: PGP Signatures security BUG! Eric Murray (Mar 08)
- [ Hackerslab bug_paper ] Linux printtool get printer password Sheshep ankh Dubhe (Mar 08)
- Re: [ Hackerslab bug_paper ] Linux printtool get printer password Tuomas Jormola (Mar 09)
- RealPlayer and Comet Cursor Keela Robison (Mar 09)
- Fwd: ircii-4.4 buffer overflow bladi (Feb 07)
- Re: Fwd: ircii-4.4 buffer overflow Derek Callaway (Mar 11)
- Re: RealPlayer and Comet Cursor pedward () WEBCOM COM (Mar 09)
- The Comet Cursor Sarah MacArthur (Mar 09)
- Network File Resource Vulnerability Eric Hacker (Mar 09)
- Re: Network File Resource Vulnerability David LeBlanc (Mar 11)
- misc. cross site scripting issues Marc Slemko (Mar 12)
- a few bugs ... Maurycy Prodeus (Mar 13)