SCO Information for VU#274043

BSD Line Printer Daemon vulnerable to buffer overflow via crafted print request

Status

Affected

Vendor Statement

___________________________________________________________________________

Caldera International, Inc. Security Advisory

Subject: OpenServer: remote buffer overflow vulnerability in BSD line printer daemon
Advisory number: CSSA-2001-SCO.20
Issue date: 2001 September 26
Cross reference:
___________________________________________________________________________



1. Problem Description

The BSD-derived lpd daemon is vulnerable to a buffer overflow.
This could be used by an unauthorized user to gain privilege.


2. Vulnerable Versions

Operating System    Version      Affected Files
------------------------------------------------------------------
OpenServer          <= 5.0.6a    /usr/lib/lpd
                                 /usr/bin/lpstat


3. Workaround

None.


4. OpenServer

4.1 Location of Fixed Binaries

ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/


4.2 Verification

md5 checksums:

48f989acb3a6606181575b3b765cd89e lpd.tar.Z


md5 is available for download from

ftp://stage.caldera.com/pub/security/tools/


4.3 Installing Fixed Binaries

Upgrade the affected binaries with the following commands:

Download the tar file to /tmp
# cd /tmp
# uncompress lpd.tar.Z
# tar xvf lpd.tar
# mv /usr/lib/lpd /usr/lib/lpd-
# mv /usr/bin/lpstat /usr/bin/lpstat-
# cp lpstat /usr/bin
# chown bin /usr/bin/lpstat
# chgrp lp /usr/bin/lpstat
# chmod 2111 /usr/bin/lpstat
# cp lpd /usr/lib
# chown root /usr/lib/lpd
# chgrp bin /usr/lib/lpd
# chmod 2711 /usr/lib/lpd

5. References

http://xforce.iss.net/alerts/advise94.php

This and other advisories are located at
http://stage.caldera.com/support/security

This advisory addresses Caldera Security internal incident
sr851853.


6. Disclaimer

Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.


7. Acknowledgements

Caldera International wishes to thank the Internet Security
Systems (ISS) X-Force for discovering and reporting this
problem.


___________________________________________________________________________
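
An added example, not part of the Caldera advisory: a shell gate for sections 4.2 and 4.3 that checks the downloaded lpd.tar.Z against the published MD5 and inspects the archive listing before anything is extracted as root. It assumes a staging host with md5sum, gzip (to read the .Z file) and tar; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-install gate for sections 4.2 and 4.3 of the advisory.
# Assumes md5sum, gzip (reads .Z) and tar on a staging host; names are hypothetical.

EXPECTED_MD5="48f989acb3a6606181575b3b765cd89e"   # lpd.tar.Z, from section 4.2

# verify_md5 FILE EXPECTED: 0 on match, 1 on mismatch, 2 if FILE is unreadable.
verify_md5() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    actual=$(md5sum < "$1" | awk '{print $1}')
    wanted=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$actual" = "$wanted" ] && return 0
    echo "MD5 mismatch for $1: got $actual, expected $wanted" >&2
    return 1
}

# check_members: reads an uncompressed tar stream on stdin. Returns 0 only if
# lpd and lpstat are both listed and no member name is absolute or contains
# a ".." component (the advisory extracts as root in /tmp).
check_members() {
    list=$(tar tf -) || return 1
    printf '%s\n' "$list" | awk '
        /^\// || /(^|\/)\.\.(\/|$)/ { bad = 1 }
        { sub(/^\.\//, ""); seen[$0] = 1 }
        END { exit (bad || !seen["lpd"] || !seen["lpstat"]) ? 1 : 0 }'
}

# gate FILE.tar.Z: run both checks; only on success continue with section 4.3.
gate() {
    verify_md5 "$1" "$EXPECTED_MD5" || return 1
    gzip -dc "$1" | check_members || { echo "unexpected archive contents" >&2; return 1; }
    echo "$1 verified; proceed with the install steps"
}

if [ $# -gt 0 ]; then gate "$1"; fi
```
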

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.