Debian Security Advisory DSA 275-1 (lpr-ppd) Network Vulnerability

Summary

The remote host is missing an update to lpr-ppd announced via advisory DSA 275-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20275-1

Insight

A buffer overflow has been discovered in lpr, a BSD lpr/lpd line printer spooling system. This problem can be exploited by a local user to gain root privileges, even if the printer system is set up properly. For the stable distribution (woody) this problem has been fixed in version 0.72-2.1. The old stable distribution (potato) does not contain lpr-ppd packages. For the stable distribution (sid) this problem has been fixed in version 0.72-3. We recommend that you upgrade your lpr-ppd package immediately.

Severity

Classification

CVE CVE-2003-0144

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 074-1 (wmaker)
Debian Security Advisory DSA 1082-1 (kernel-2.4.17)
Debian Security Advisory DSA 100-1 (gzip)
Debian Security Advisory DSA 089-1 (icecast-server)
Debian Security Advisory DSA 1008-1 (kdegraphics)

Take action and discover your vulnerabilities