IBM AIX line printer daemon contains a buffer overflow in chk_fhost()

2001-10-16T00:00:00
ID VU:466239
Type cert
Reporter CERT
Modified 2002-01-03T00:00:00

Description

Overview

The Line Printer daemon (lpd) shipped with AIX systems contains a buffer overflow in chk_fhost() that potentially allow a malicious remote user to gain root privileges.

Description

A buffer overflow exists in the chk_fhost() function of the line printer daemon (lpd) on AIX systems. An intruder could exploit this vulnerability to obtain root privileges or cause a denial of service (DoS). The intruder would need control of the DNS server to exploit this vulnerability.


Impact

An intruder could exploit this vulnerability to obtain root privileges, or cause a denial of service (DoS).


Solution

IBM has released a VULNERABILITY SUMMARY. Please see the vendor statement for patches and instructions.


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
IBM| | -| 04 Oct 2001
Apple| | -| 09 Nov 2001
Caldera| | 04 Sep 2001| 01 Nov 2001
Cray| | -| 01 Nov 2001
Engarde| | -| 01 Nov 2001
FreeBSD| | -| 05 Nov 2001
Fujitsu| | -| 01 Nov 2001
Red Hat| | -| 08 Nov 2001
Sun| | -| 01 Nov 2001
Compaq Computer Corporation| | -| 05 Nov 2001
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

  • <http://www.uniras.gov.uk/l1/l2/l3/brief2001/UNIRAS%20Briefing%20-%2016301%20-%20IBM%20%20-%20Buffer%20Overflow%20Vulnerabilities%20in%20lpd.txt>
  • <http://archives.neohapsis.com/archives/bugtraq/2001-09/0084.html>

Credit

The CERT/CC wishes to thank IBM for their help in identifying and analyzing this vulnerability.

This document was written by Jason Rafail.

Other Information

  • CVE IDs: CAN-2001-0671
  • Date Public: 11 Sep 2001
  • Date First Published: 16 Oct 2001
  • Date Last Updated: 03 Jan 2002
  • Severity Metric: 9.84
  • Document Revision: 8