LPR: Sun Solaris Printd Daemon Arbitrary File Deletion
This signature detects LPD connections containing crafted control files. An attacker can send lpr requests containing invalid characters, which if successful, can delete an arbitrary file from the target system resulting in data loss or a system crash.
Extended Description
Sun Solaris printd is affected by an arbitrary file deletion vulnerability. It was reported that a remote or local attacker can delete arbitrary files on a computer with the privileges of printd. If an attacker is able to delete sensitive files, this issue may lead to a denial of service condition.
Affected Products
Sun solaris
Short Name
LPR:ARB-FILE-UNLINK
Severity
Major
Recommended
False
Recommended Action
Drop
Category
LPR
Keywords
Arbitrary CVE-2005-4797 CVE-2005-6706 Daemon Deletion File Printd Solaris Sun bid:14510
Release Date
09/01/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3727
False Positive
Unknown
Vendors
Sun
Avaya
CVSS Score
5.0