Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Red Hat Local Security Checks --> Category: infos

RHSA-2003-150: LPRng Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the LPRng packages

Detailed Explanation for this Vulnerability Test

Updated LPRng packages resolving a temporary file vulnerability are now

LPRng is a print spooler. LPRng includes a program, psbanner, that can be
used to produce Postscript banner pages to separate print jobs.

A vulnerability has been found in psbanner, which creates in an insecure
manner a temporary file with a known filename. A possible hacker could create a
symbolic link and cause arbitrary files to be written as the lp user.

Note: psbanner is not used by the default Red Hat Enterprise Linux LPRng

Users that have configured LPRng to use psbanner should install these
updated packages, which contain a patch so that psbanner does not create
the temporary file.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.