Vulnerability Note VU#966075

HP-UX vulnerable to buffer overflow in line printer daemon (rlpdaemon) via crafted print request

Original Release date: 16 Oct 2001 | Last revised: 09 Nov 2001


The line printer daemon (rlpdaemon) on HP-UX systems enable various clients to share printers over a network. There exists a buffer overflow vulnerability in this daemon that permits remote execution of arbitrary commands with elevated privileges.


A buffer overflow exists in HP-UX's line printer daemon (rlpdaemon) that may allow an intruder to execute arbitrary code with superuser privilege on the target system. The rlpdaemon is installed by default and is active even if it is not being used. An intruder does not need any prior knowledge, or privileges on the target system in order to exploit this vulnerability.


An intruder can execute arbitrary commands.


Hewlett-Packard has released HPSBUX0108-163 to address this issue. Please see the vendor statement for instructions and patches.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Hewlett PackardAffected-04 Oct 2001
AppleNot Affected04 Sep 200101 Nov 2001
CalderaNot Affected04 Sep 200131 Oct 2001
CrayNot Affected-01 Nov 2001
EngardeNot Affected-01 Nov 2001
FreeBSDNot Affected-05 Nov 2001
FujitsuNot Affected-31 Oct 2001
IBMNot Affected-31 Oct 2001
Red HatNot Affected-08 Nov 2001
SunNot Affected-01 Nov 2001
Compaq Computer CorporationUnknown-05 Nov 2001
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



This vulnerability was discovered and researched by Chris Spencer of Internet Security Systems (ISS). The CERT/CC wishes to thank ISS for the information contained in their advisory.

This document was written by Jason Rafail.

Other Information

  • CVE IDs: CAN-2001-0668
  • Date Public: 27 Aug 2001
  • Date First Published: 16 Oct 2001
  • Date Last Updated: 09 Nov 2001
  • Severity Metric: 18.75
  • Document Revision: 9


If you have feedback, comments, or additional information about this vulnerability, please send us email.