OS: Linux x86 LPRng Buffer Overflow
This signature detects attempts to exploit a known vulnerability in LPRng, an implementation of the Berkeley lpr print spooling utility for LINUX. The LPRng use_syslog() function returns user input to a string that is passed to syslog() as the format string. Attackers can send maliciously formed requests to corrupt execution flow.
Extended Description
LPRng is an implementation of the Berkeley lpr print spooling utility. LPRng contains a function, use_syslog(), that returns user input to a string in LPRng that is passed to syslog() as the format string. As a result, it is possible to corrupt the program's flow of execution by entering malicious format specifiers. In testing this has been exploited to remotely elevate privileges. This vulnerability was tested on RedHat 7.0. Earlier versions are likely also be vulnerable, as well as other operating systems which ship with LPRng. (Please see http://www.redhat.com/support/errata/RHSA-2000-065-06.html for links to updated i386 and source packages.) If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.
Affected Products
Trustix trustix_secure_linux
Short Name
OS:LINUXX86:LPRNG-OF
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
OS
Keywords
Buffer CVE-2000-0917 LPRng Linux Overflow bid:1712 x86
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Caldera
Sco
Trustix
CVSS Score
10.0