Vulnerability Note VU#466239

IBM AIX line printer daemon contains a buffer overflow in chk_fhost()

Overview

The Line Printer daemon (lpd) shipped with AIX systems contains a buffer overflow in chk_fhost() that potentially allow a malicious remote user to gain root privileges.

I. Description

A buffer overflow exists in the chk_fhost() function of the line printer daemon (lpd) on AIX systems. An intruder could exploit this vulnerability to obtain root privileges or cause a denial of service (DoS). The intruder would need control of the DNS server to exploit this vulnerability.

II. Impact

An intruder could exploit this vulnerability to obtain root privileges, or cause a denial of service (DoS).

III. Solution

IBM has released a VULNERABILITY SUMMARY. Please see the vendor statement for patches and instructions.

Systems Affected

Vendor	Status	Date Notified
Apple	Not Vulnerable	9-Nov-2001
Caldera	Not Vulnerable	1-Nov-2001
Compaq Computer Corporation	Unknown	5-Nov-2001
Cray	Not Vulnerable	1-Nov-2001
Engarde	Not Vulnerable	1-Nov-2001
FreeBSD	Not Vulnerable	5-Nov-2001
Fujitsu	Not Vulnerable	1-Nov-2001
IBM	Vulnerable	4-Oct-2001
Red Hat	Not Vulnerable	8-Nov-2001
Sun	Not Vulnerable	1-Nov-2001

References

http://www.uniras.gov.uk/l1/l2/l3/brief2001/UNIRAS%20Briefing%20-%2016301%20-%20IBM%20%20-%20Buffer%20Overflow%20Vulnerabilities%20in%20lpd.txt
http://archives.neohapsis.com/archives/bugtraq/2001-09/0084.html

Credit

The CERT/CC wishes to thank IBM for their help in identifying and analyzing this vulnerability.

This document was written by Jason Rafail.

Other Information

Date Public:	2001-09-11
Date First Published:	2001-10-16
Date Last Updated:	2002-01-03
CERT Advisory:
CVE-ID(s):	CAN-2001-0671
NVD-ID(s):	CAN-2001-0671
US-CERT Technical Alerts:
Metric:	9.84
Document Revision:	8

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader