Author: JT Smith
Posted at LWN.net: The LPRng port, versions prior to 3.6.26, contains a potential vulnera-
bility which may allow root compromise from both local and remote systems.
The vulnerability is due to incorrect usage of the syslog(3) function.
Local and remote users can send string-formatting operators to the print-
er daemon to corrupt the daemon’s execution, potentially gaining root
access.
bility which may allow root compromise from both local and remote systems.
The vulnerability is due to incorrect usage of the syslog(3) function.
Local and remote users can send string-formatting operators to the print-
er daemon to corrupt the daemon’s execution, potentially gaining root
access.
Category:
- Linux