vendor:
OpenServer 5.0.6
by:
SecurityFocus
7.2
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: OpenServer 5.0.6
Affected Version From: 5.0.6
Affected Version To: 5.0.6
Patch Exists: NO
Related CWE: N/A
CPE: SCO:OpenServer_5.0.6
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Unix
2001
SCO OpenServer 5.0.6 Buffer Overflow Vulnerability
SCO OpenServer 5.0.6 (and possibly earlier versions) ships with several suid bin executables used in printer administration and related tasks. This includes lpusers, a component used to set the queue priority of jobs submitted to the LP print service by users. 'lpusers' contains a locally exploitable buffer overflow vulnerability that occurs when commandline arguments are of excessive length. If properly exploited, this can yield root privilege to the attacker.
Mitigation:
Ensure that lpusers is not setuid root, and that users are not allowed to submit jobs to the LP print service.