漏洞信息详情
Vendor LPRM多个本地缓冲区溢出漏洞
- CNNVD编号:CNNVD-200303-087
- 危害等级: 高危
![图片[1]-Vendor LPRM多个本地缓冲区溢出漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-12/bbdd3e8868c10d22861b2275d65f4500.png)
- CVE编号:
CVE-2003-0144
- 漏洞类型:
缓冲区溢出
- 发布时间:
2003-03-31
- 威胁类型:
本地
- 更新时间:
2005-10-20
- 厂 商:
lprold - 漏洞来源:
Discovery credited… -
漏洞简介
SuSE 7.1到7.3版本,以及OpenBSD 3.2及其更早版本,可能还包括其他操作系统中的lprold lpr数据包的lprm命令存在缓冲区溢出漏洞。本地用户可以借助超长命令参数行如(1)request ID,或(2)user name获取根权限。
漏洞公告
A patch for OpenBSD has been made available.
SGI has released an advisory (20030406-01-P) containing fixes that address this issue. Users are advised to upgrade as soon as possible.
Debian has revised its advisory. New fixes for Debian 2.2 (potato) are available. Please see the referenced advisory for further details.
Mandrake has released a security advisory (MDKSA-2003:059) containing fixes which address this issue. Users are advised to upgrade as soon as possible.
OpenBSD OpenBSD 3.2
-
OpenBSD 010_lprm.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/010_lprm.patch
OpenBSD OpenBSD 3.1
-
OpenBSD 023_lprm.patchPatch for OpenBSD 3.1.
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/023_lprm.patch
BSD lpr 2000.05.07
-
Debian lpr_2000.05.07-4.3_alpha.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
alpha.deb -
Debian lpr_2000.05.07-4.3_arm.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
arm.deb -
Debian lpr_2000.05.07-4.3_hppa.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
hppa.deb -
Debian lpr_2000.05.07-4.3_i386.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
i386.deb -
Debian lpr_2000.05.07-4.3_ia64.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
ia64.deb -
Debian lpr_2000.05.07-4.3_m68k.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
m68k.deb -
Debian lpr_2000.05.07-4.3_mips.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
mips.deb -
Debian lpr_2000.05.07-4.3_mipsel.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
mipsel.deb -
Debian lpr_2000.05.07-4.3_powerpc.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
powerpc.deb -
Debian lpr_2000.05.07-4.3_s390.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
s390.deb -
Debian lpr_2000.05.07-4.3_sparc.debDebian GNU/Linux 3.0 alias woody.
http://security.debian.org/pool/updates/main/l/lpr/lpr_2000.05.07-4.3_
sparc.deb
BSD lpr 0.48
-
Debian lpr_0.48-1.2_alpha.deb
http://security.debian.org/pool/updates/main/l/lpr/lpr_0.48-1.2_alpha.
deb -
Debian lpr_0.48-1.2_arm.deb
http://security.debian.org/pool/updates/main/l/lpr/lpr_0.48-1.2_arm.de
b -
Debian lpr_0.48-1.2_i386.deb
http://security.debian.org/pool/updates/main/l/lpr/lpr_0.48-1.2_i386.d
eb -
Debian lpr_0.48-1.2_m68k.deb
http://security.debian.org/pool/updates/main/l/lpr/lpr_0.48-1.2_m68k.d
eb -
Debian lpr_0.48-1.2_powerpc.deb
http://security.debian.org/pool/updates/main/l/lpr/lpr_0.48-1.2_powerp
c.deb -
Debian lpr_0.48-1.2_sparc.deb
http://security.debian.org/pool/updates/main/l/lpr/lpr_0.48-1.2_sparc.
deb
BSD lpr 0.72
-
Mandrake lpr-0.72-3.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lpr-0.72-3.1mdk.ppc.rpm
http://www.mandrakesecure.net/en/ftp.php
lpr-ppd lpr-ppd 0.72
-
Debian lpr-ppd_0.72-2.1_alpha.deb
http://security.debian.org/pool/updates/main/l/lpr-ppd/lpr-ppd_0.72-2.
1_alpha.deb -
Debian lpr-ppd_0.72-2.1_arm.deb
http://security.debian.org/pool/updates/main/l/lpr-ppd/lpr-ppd_0.72-2.
1_arm.deb -
Debian lpr-ppd_0.72-2.1_hppa.deb
http://security.debian.org/pool/updates/main/l/lpr-ppd/lpr-ppd_0.72-2.
1_hppa.deb -
Debian lpr-ppd_0.72-2.1_i386.deb
http://security.debian.org/pool/updates/main/l/lpr-ppd/lpr-ppd_0.72-2.
1_i386.deb -
Debian lpr-ppd_0.72-2.1_ia64.deb
http://security.debian.org/pool/updates/main/l/lpr-ppd/lpr-ppd_0.72-2.
1_ia64.deb -
Debian lpr-ppd_0.72-2.1_m68k.deb
http://security.debian.org/pool/updates/main/l/lpr-ppd/lpr-ppd_0.72-2.
1_m68k.deb -
Debian lpr-ppd_0.72-2.1_mips.deb
http://security.debian.org/pool/updates/main/l/lpr-ppd/lpr-ppd_0.72-2.
1_mips.deb -
Debian lpr-ppd_0.72-2.1_mipsel.deb
http://security.debian.org/pool/updates/main/l/lpr-ppd/lpr-ppd_0.72-2.
1_mipsel.deb -
Debian lpr-ppd_0.72-2.1_powerpc.deb
http://security.debian.org/pool/updates/main/l/lpr-ppd/lpr-ppd_0.72-2.
1_powerpc.deb -
Debian lpr-ppd_0.72-2.1_s390.deb
参考网址
来源: BID
名称: 7025
链接:http://www.securityfocus.com/bid/7025来源: XF
名称: lprm-bo(11473)
链接:http://xforce.iss.net/xforce/xfdb/11473来源: SUSE
名称: SuSE-SA:2003:0014
链接:http://www.novell.com/linux/security/advisories/2003_014_lprold.html来源: DEBIAN
名称: DSA-275
链接:http://www.debian.org/security/2003/dsa-275来源: DEBIAN
名称: DSA-267
链接:http://www.debian.org/security/2003/dsa-267来源: SGI
名称: 20030406-02-P
链接:ftp://patches.sgi.com/support/free/security/advisories/20030406-02-P来源: ftp.openbsd.org
链接:ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/010_lprm.patch来源: MANDRAKE
名称: MDKSA-2003:059
链接:http://www.mandriva.com/security/advisories?name=MDKSA-2003:059来源: SECUNIA
名称: 8293
链接:http://secunia.com/advisories/8293来源: BUGTRAQ
名称: 20030308 OpenBSD lprm(1) exploit
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=104714441925019&w=2来源: BUGTRAQ
名称: 20030305 potential buffer overflow in lprm (fwd)
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=104690434504429&w=2
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
