Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

solaris-lpstat-bof.txt

🗓️ 17 Aug 1999 00:00:00Reported by HERTType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 17 Views

Buffer overflow in Solaris lpstat allows local users to gain root privileges. Fix recommended.

Code
`Date: Wed, 27 Jan 1999 16:53:51 +0100  
From: Anthony C . Zboralski <[email protected]>  
To: [email protected]  
Subject: [HERT] Advisory #001 Buffer overflow in Solaris /usr/bin/lpstat  
  
-----BEGIN PGP SIGNED MESSAGE-----  
  
- -------------------------------------------------------------  
HERT - Hacker Emergency Response Team  
[email protected] - http://www.hert.org  
  
Advisory: #00001  
Title: lpstat  
Date: 26 January 1999   
Summary: Buffer overflow in Solaris /usr/bin/lpstat  
System affected: Solaris 2.6, 2.6_x86, 2.7, 2.7_x86  
IMPACT: Local users may obtain root priviledge.  
- --------------------------------------------------------------  
  
Copyright (C) 1999 Hacker Emergency Response Team  
  
Permission is granted to reproduce and distribute HERT advisories in their  
entirety, provided the HERT PGP signature is included and provided the alert is used for noncommercial purposes and with the intent of increasing  
the aware-  
ness of the Internet community.  
  
This advisory is distributed in the hope that it will be useful,  
but WITHOUT ANY WARRANTY; without even the implied warranty of  
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
  
1. Background:  
  
The lpstat command prints information about the current  
status of the LP print service.  
  
On Solaris 2.6 and 2.7, /usr/bin/lpstat is suid root and we've found it  
to be vulnerable to a buffer overflow.  
  
Exploit code for this vulnerability is in circulation.  
  
  
2. Affected Supported versions  
  
Solaris versions: 2.7, 2.7_x86, 2.6, 2.6_x86  
  
3. Recommendations  
  
Temporary fix:  
  
chmod -s /usr/bin/lpstat  
chmod -s /usr/bin/lpq  
  
Wait for Sun to issue a patch that will correct this problem.  
  
  
To subscribe to the HERT Alert mailing list, email [email protected]  
with subscribe in the body of the message.  
  
Contact [email protected] for more information.  
The HERT PGP public key is available at ftp://ftp.hert.org/pub/HERT_PGP.key  
  
To report a vulnerability: http://www.hert.org/vul_reporting_form  
  
  
-----BEGIN PGP SIGNATURE-----  
Version: 2.6.3ia  
Charset: latin1  
  
iQCVAwUBNq82VbiV3oeHg1NdAQH9MAQAtEDQxHaDdlDNP/B8Bl785Y4nDidgJYyR  
TZwJl/QD/0g/Q0IoX80muxw8fR2+XKnyq7qqhaI1EhC+1z0ScPjPWWOa12oKTKAG  
hFGpLdq5WdVrmHf1X9b90ZD5ov9KIsDuVxSTpUv0dPCCvxfSJb4Zdbr2+lQDjks/  
orxjIwo5jgY=  
=NG0f  
-----END PGP SIGNATURE-----  
--  
To UNSUBSCRIBE, email to [email protected]  
with "unsubscribe" in the body. Trouble? Contact [email protected]  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Aug 1999 00:00Current
7.4High risk
Vulners AI Score7.4
buffer overflowsolaris systemlpstat commandroot privilegeexploit codetemporary fix
17