The HP Tru64 UNIX implementation of "lpr" contains a locally exploitable buffer overflow.
"lpr" is used to send files to a print spool. A locally exploitable buffer overflow in "lpr" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host.
A local user may be able to gain elevated privileges and execute arbitrary code.
Apply a patch.
Vendor| Status| Date Notified| Date Updated
Hewlett-Packard Company| | -| 06 Sep 2002
If you are a vendor and your product is affected, let us know.
Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A
This document was written by Ian A Finlay.