Internet Security Systems (ISS) X-Force has discovered a vulnerability in the HP-UX line printer daemon (rlpdaemon). This vulnerability may allow a remote or local attacker to execute arbitrary code with superuser privilege.
Credit:
The information has been provided by X-Force.
Vulnerable systems:
HP-UX version 10.01
HP-UX version 10.10
HP-UX version 10.20
HP-UX version 11.00
HP-UX version 11.11
The line printer daemon allows printer sharing over a network of UNIX computers. HP-UX is shipped with a line printer daemon adapted from BSD Unix. The HP line printer daemon is similar to "in.lpd" in other UNIX variants.
A vulnerability exists in rlpdaemon that may allow remote attackers to send specially-crafted print requests, which can be used to create arbitrary files or directories on the target system. Given the ability to write to arbitrary files, remote attackers may gain access to the target system.
The rlpdaemon daemon is enabled by default and executed with superuser privilege. This vulnerability can be successfully exploited with no local account or specific knowledge of the target system's configuration.
Recommendations:
ISS X-Force recommends that all system administrators who have not implemented network printing should immediately disable rlpdaemon and any other unused services. HP will make the following patches available to address the vulnerability described in this advisory:
HP-UX 10.01 PHCO_25107
HP-UX 10.10 PHCO_25108
HP-UX 10.20 PHCO_25109
HP-UX 11.00 PHCO_25110
HP-UX 11.11 PHCO_25111
To access these patches when they become available, visit: http://itrc.hp.com
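An added example, not part of the ISS advisory or HP's tooling: a shell audit that checks whether rlpdaemon is still active in an inetd configuration file and names the patch listed above for the host's release. It assumes rlpdaemon is started from inetd with the standard inetd.conf field layout and that `uname -r` reports releases such as B.11.00; the function names are illustrative.

```shell
#!/bin/sh
# Added example: audit a host for the rlpdaemon exposure in this advisory.
# Assumptions: inetd.conf uses the standard inetd field layout
# (service socket proto wait user program args...), and releases are
# written as B.10.20, B.11.00, etc.

# Print each active (uncommented) inetd.conf line that launches rlpdaemon.
rlpd_lines() {
    awk '
        /^[ \t]*#/ || NF < 6 { next }          # skip comments and short lines
        { n = split($6, p, "/") }              # field 6 is the server program
        p[n] == "rlpdaemon" { print }
    ' "$1"
}

# Map an HP-UX release string to the patch named in the advisory.
patch_for() {
    case "${1#B.}" in
        10.01) echo PHCO_25107 ;;
        10.10) echo PHCO_25108 ;;
        10.20) echo PHCO_25109 ;;
        11.00) echo PHCO_25110 ;;
        11.11) echo PHCO_25111 ;;
        *)     return 1 ;;
    esac
}

# Report exposure: exit status 0 = rlpdaemon disabled, 1 = still enabled.
audit() {   # usage: audit <inetd.conf path> <release>
    active=$(rlpd_lines "$1")
    if [ -z "$active" ]; then
        echo "rlpdaemon is not enabled in $1"
        return 0
    fi
    echo "rlpdaemon is enabled in $1:"
    echo "$active"
    if patch=$(patch_for "$2"); then
        echo "disable it if network printing is unused, or install $patch"
    else
        echo "release $2 is not listed in the advisory; disable if unused"
    fi
    return 1
}

# Example invocation on a live host (not run here):
#   audit /etc/inetd.conf "$(uname -r)"
```

After commenting out the entry, inetd has to re-read its configuration before the change takes effect.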