6569 matches found
Multiple Security Holes in LPPlus
LPPlus is Plus Technologies' print management system for unix. It contains several serious security holes, some of which undermine the integrity of the printing subsystem, some of which threaten the security of the system on which the product is installed. Details ------- Hole 1: Of the 74 binari...
LPPlus 3.2.2/3.3 - dccscan Unprivileged read
source: https://www.securityfocus.com/bid/1644/info $LPHOME/bin/dccscan is suid-root and can be executed by any user. It is possible for an unprivileged user to print files to which he does not have read access. In testing, this works even for printers to which the user is is not given any access...
LPPlus 3.2.2/3.3 - Permissions Denial of Service
source: https://www.securityfocus.com/bid/1643/info Vulnerability 1: Several files that are part of the LPPlus print management system are installed setuid root by default. These files include: $LPHOME/bin/dccsched $LPHOME/bin/dcclpdser $LPHOME/bin/dccbkst These start the scheduler, LPD server an...
CVE-2000-0232
Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request...
Remote DoS Attack in Windows 2000/NT 4.0 TCP/IP Print Request Server Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS Attack in Windows 2000/NT 4.0 TCP/IP Print Request Server Vulnerability USSR Advisory Code: USSR-2000037 Release Date: March 28, 2000 Systems Affected: Microsoft Windows NT 4.0 Workstation Microsoft Windows NT 4.0 Server Microsoft Windows N...
Microsoft Windows NT 4.02000 - TCPIP Printing Service Denial of Service
Microsoft Windows NT 4.02000 - TCPIP Printing Service Denial of Service source: https://www.securityfocus.com/bid/1082/info The TCP/IP Printing Service also known as Print Services for Unix in Windows 2000 is the mechanism used for print service integration with Unix environments. It relies on po...
Microsoft Windows NT 4.0/2000 - TCP/IP Printing Service Denial of Service
source: https://www.securityfocus.com/bid/1082/info The TCP/IP Printing Service also known as Print Services for Unix in Windows 2000 is the mechanism used for print service integration with Unix environments. It relies on port 515 for data transmittal. A malformed print request sent to this...
CVE-1999-0899
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider...
CVE-1999-0898
Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request...
CVE-1999-0899
The CVE-1999-0899 issue concerns the Windows NT 4.0 print spooler. The vulnerability arises from inappropriate permissions that allow a local user to specify an alternate print provider, enabling the execution of arbitrary commands on the affected system. Across provided documents, this is consis...
DEBIAN-CVE-2000-1221
The line printer daemon lpd in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by...
CVE-1999-0898
Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request...
CVE-1999-0899
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider...
CVE-1999-0551
HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests...
LPRng.txt
Subject: Security problem with LPRng To: [email protected] Hi all, During some recent work I've been doing with LPRng, I found that is is possible on a default LPRng installation to control the print queues on the LPRng server. Most default installations allow the root user at the localhost to...
rxvt.sh
There is a major security hole in rxvt, a terminal emulator for X, when it is run on systems suid root, as is required on many configurations in order to write to the utmp file. It is obvious from the code that this program was not written to be run suid root, its a pity that sysadmins that insta...
Debian 2.1 - Print Queue Control
Debian 2.1 - Print Queue Control // source: https://www.securityfocus.com/bid/508/info The LPRng software is an enhanced, extended, and portable version of the Berkeley LPR software the standard UNIX printer spooler that ships with Debian GNU/Linux. When root controls the print queue, the...
Debian 2.1 - Print Queue Control
// source: https://www.securityfocus.com/bid/508/info The LPRng software is an enhanced, extended, and portable version of the Berkeley LPR software the standard UNIX printer spooler that ships with Debian GNU/Linux. When root controls the print queue, the authentication that is used is based on...
HP LaserJet Printer Unauthenticated Access
The remote printer has no password set. This allows anyone to change its IP or potentially to intercept print jobs sent to it. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10172; scriptversion "1.29"; scriptcvsdate"Date: 2018/07/24 18:56:11";...
HP LaserJet Direct Print Filter Bypass
By connecting to this port directly, a remote attacker can send Postscript directly to the remote printer, bypassing lpd and page accounting. This is a threat, because an attacker may connect to this printer, force it to print pages of garbage, and make it run out of paper. If this printer is use...