|
Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2002:012: groff Vulnerability Scan
Vulnerability Scan Summary Check for the version of the groff package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2002:012 (groff).
zen-parse discovered an exploitable buffer overflow in groff's preprocessor. If
groff is invoked using the LPRng printing system, a possible hacker can gain rights as
the 'lp' user. Likewise, this may be remotely exploitable if lpd is running and
remotely accessible and the attacker knows the name of the printer and it's
spool file.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2002:012
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|