Multiple BSD Vendor lpd 缓冲区溢出漏洞

漏洞信息详情

Multiple BSD Vendor lpd 缓冲区溢出漏洞

CNNVD编号：CNNVD-200110-020
危害等级：高危-->
危害等级：高危
CVE编号： CVE-2001-0670
漏洞类型：缓冲区溢出
发布时间： 2001-10-03
威胁类型：远程
更新时间： 2005-05-02
厂商： openbsd
漏洞来源： .');">Discovered by X-Fo...

漏洞简介

多种BSD-based操作系统的printer daemon (in.lpd or lpd)的BSD存在缓冲区溢出漏洞。远程攻击者可以借助带有显示打印队列请求的不完整打印工作执行任意代码。

漏洞公告

WindRiver has released a fix for BSD/OS version 4.1. Patches will be available from other affected vendors soon. Security Focus recommends disabling the service or blocking outside access to it immediately. This may be accomplished by terminating the processes/disabling the service on the affected hosts or implementing strict network access controls limiting access to the service. Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] . FreeBSD FreeBSD 3.0

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

FreeBSD FreeBSD 3.1

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

FreeBSD FreeBSD 3.2

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

FreeBSD FreeBSD 3.3

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

FreeBSD FreeBSD 3.4

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

FreeBSD FreeBSD 3.5

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

FreeBSD FreeBSD 3.5.1

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

FreeBSD FreeBSD 4.0

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

BSDI BSD/OS 4.1

BSDI 4.1 M410-044 http://www.BSDI.COM/services/support/patches/patches-4.1/M410-044

FreeBSD FreeBSD 4.1

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

FreeBSD FreeBSD 4.1.1

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

FreeBSD FreeBSD 4.2

FreeBSD 3.x-4.2 lpd-3.x-4.2.patch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:58/lpd-3.x-4.2.pa tch

SCO Open Server 5.0.1

Caldera Open Server 5 lpd.tar.Z ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/lpd.t ar.Z

SCO Open Server 5.0.2

Caldera Open Server 5 lpd.tar.Z ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/lpd.t ar.Z

SCO Open Server 5.0.3

Caldera Open Server 5 lpd.tar.Z ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/lpd.t ar.Z

SCO Open Server 5.0.4

Caldera Open Server 5 lpd.tar.Z ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/lpd.t ar.Z

SCO Open Server 5.0.5

Caldera Open Server 5 lpd.tar.Z ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/lpd.t ar.Z

SCO Open Server 5.0.6 a

Caldera Open Server 5 lpd.tar.Z ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/lpd.t ar.Z

SCO Open Server 5.0.6

Caldera Open Server 5 lpd.tar.Z ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/lpd.t ar.Z

S.u.S.E. Linux 6.3

S.u.S.E. 6.3 i386 lprold-3.0.48-275.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/lprold-3.0.48-275.i386. rpm

S.u.S.E. Linux 6.3 alpha

S.u.S.E. 6.3 alpha lprold-3.0.48-215.alpha.rpm ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/lprold-3.0.48-215.alpha. rpm

S.u.S.E. Linux 6.4 ppc

S.u.S.E. 6.4 ppc lprold-3.0.48-200.ppc.rpm ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/lprold-3.0.48-200.ppc.rp m

S.u.S.E. Linux 6.4 alpha

S.u.S.E. 6.4 alpha lprold-3.0.48-215.alpha.rpm ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/lprold-3.0.48-215.alpha. rpm

S.u.S.E. Linux 6.4

S.u.S.E. 6.4 i386 lprold-3.0.48-275.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/lprold-3.0.48-275.i386. rpm

S.u.S.E. Linux 7.0 ppc

S.u.S.E. 7.0 ppc lprold-3.0.48-200.ppc.rpm ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/lprold-3.0.48-200.ppc.rp m

S.u.S.E. Linux 7.0

S.u.S.E. 7.0 i386 lprold-3.0.48-275.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/lprold-3.0.48-275.i386. rpm

S.u.S.E. Linux 7.0 sparc

S.u.S.E. 7.0 sparc lprold-3.0.48-216.sparc.rpm ftp://ftp.suse.com/pub/suse/spa

参考网址

来源:US-CERT Vulnerability Note: VU#274043 名称: VU#274043 链接:http://www.kb.cert.org/vuls/id/274043 来源:CERT/CC Advisory: CA-2001-30 名称: CA-2001-30 链接:http://www.cert.org/advisories/CA-2001-30.html 来源: ISS 名称: 20010829 Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon 链接:http://xforce.iss.net/alerts/advise94.php 来源: OPENBSD 名称: 20010829 链接:http://www.openbsd.com/errata28.html 来源: CALDERA 名称: CSSA-2001-SCO.20 链接:ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.20.txt 来源: XF 名称: bsd-lpd-bo(7046) 链接:http://xforce.iss.net/static/7046.php 来源: BID 名称: 3252 链接:http://www.securityfocus.com/bid/3252 来源: REDHAT 名称: RHSA-2001:147 链接:http://www.redhat.com/support/errata/RHSA-2001-147.html 来源: NETBSD 名称: NetBSD-SA2001-018 链接:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc

受影响实体

Openbsd Openbsd

补丁

暂无

正文

Multiple BSD Vendor lpd 缓冲区溢出漏洞

漏洞信息详情