|
Family: Debian Local Security Checks --> Category: infos
[DSA285] DSA-285-1 lprng Vulnerability Scan
Vulnerability Scan Summary DSA-285-1 lprng
Detailed Explanation for this Vulnerability Test
Karol Lewandowski discovered that psbanner, a printer filter that
creates a PostScript format banner and is part of LPRng, insecurely
creates a temporary file for debugging purpose when it is configured
as filter. The program does not check whether this file already
exists or is linked to another place, psbanner writes its current environment
and called arguments to the file unconditionally with the user id
daemon.
For the stable distribution (woody) this problem has been fixed in
version 3.8.10-1.2.
The old stable distribution (potato) is not affected by this problem.
For the unstable distribution (sid) this problem has been fixed in
version 3.8.20-4.
We recommend that you upgrade your lprng package.
Solution : http://www.debian.org/security/2003/dsa-285
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|