FreeBSD apsfilter lpd Arbitrary Command Execution

2000-06-07T00:00:00
ID OSVDB:1389
Type osvdb
Reporter OSVDB
Modified 2000-06-07T00:00:00

Description

Vulnerability Description

APS Filter Development Team apsfilter contains a flaw that when used on FreeBSD may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when apsfilter, which uses the lpd printing daemon with a setuid of root, insecurely reads filter configurations created by a malicious user. This flaw may lead to a loss of integrity.

Solution Description

Upgrade to version the apsfilter package to version 5.4.2 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: deinstall the apsfilter port/package.

Short Description

APS Filter Development Team apsfilter contains a flaw that when used on FreeBSD may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when apsfilter, which uses the lpd printing daemon with a setuid of root, insecurely reads filter configurations created by a malicious user. This flaw may lead to a loss of integrity.

References:

Vendor URL: http://www.freebsd.org Vendor URL: http://www.apsfilter.org/ Vendor Specific Advisory URL Mail List Post: http://archives.neohapsis.com/archives/freebsd/2000-06/0030.html ISS X-Force ID: 4617 Generic Informational URL: http://people.freebsd.org/~andreas/apsfilter/ CVE-2000-0534 Bugtraq ID: 1325