Debian Security Advisory DSA 267-1 (lpr) Network Vulnerability

Summary

The remote host is missing an update to lpr announced via advisory DSA 267-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20267-1

Insight

A buffer overflow has been discovered in lpr, a BSD lpr/lpd line printer spooling system. This problem can be exploited by a local user to gain root privileges, even if the printer system is set up properly. For the stable distribution (woody) this problem has been fixed in version 2000.05.07-4.3. For the old stable distribution (potato) this problem has been fixed in version 0.48-1.1. For the stable distribution (sid) this problem has been fixed in version 2000.05.07-4.20. We recommend that you upgrade your lpr package immediately.

Severity

Classification

CVE CVE-2003-0144

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 098-1 (libgtop)
Debian Security Advisory DSA 1026-1 (sash)
Debian Security Advisory DSA 031-1 (sudo)
Debian Security Advisory DSA 058-1 (exim)
Debian Security Advisory DSA 014-1 (splitvt)

Take action and discover your vulnerabilities