Family: Gain root remotely --> Category: destructive_attack
Solaris lpd remote command execution Vulnerability Scan
Vulnerability Scan Summary
Reads the remote password file, thanks to lpd
Detailed Explanation for this Vulnerability Test
The remote lpd daemon is vulnerable to an
environment error which may allow a possible hacker
to execute arbitrary commands on this host.
Nessus uses this vulnerability to retrieve the
password file of the remote host although any
command could be executed.
Solution : None at this time. Disable this service.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.