BSDI Information for VU#274043

BSD Line Printer Daemon vulnerable to buffer overflow via crafted print request



Vendor Statement

The current (BSD/OS 4.2) release is not vulnerable. Systems are only vulnerable to attack from hosts which are allowed via the /etc/hosts.lpd file (which is empty as shipped).

BSD/OS 4.1 is the only vulnerable version which is still officially supported by Wind River Systems. A patch (M410-044) is available in the normal locations, or via our web site at

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.