[Groff] Groff 1.17.2 and "Remote Linux Groff Exploitation via lpd"

groff

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Groff] Groff 1.17.2 and "Remote Linux Groff Exploitation via lpd"

From:	Tobias Burnus
Subject:	[Groff] Groff 1.17.2 and "Remote Linux Groff Exploitation via lpd"
Date:	Thu, 2 Aug 2001 17:53:02 +0200 (CEST)

Hi,

is the current groff version vulnerable against this:

"Remote Linux Groff Exploitation via lpd"
http://www.securityfocus.com/bid/3103

It says:
lpd is the print spooling daemon. It is used to support network printing
on a variety of unix platforms.

The version of lpd that ships with linux systems invokes groff to process
documents that are to be printed. The groff utility used to process
images, 'pic', contains a vulnerability that can be exploited to execute
arbitrary commands on the victim.

It may be possible for remote attackers to exploit this vulnerability
through lpd.
---------

The patch contains some sprintf -> snprintf patches (plus more) and in the
diffs I didn't found such a change, so it seems to be vulnerable.

Gruss,

Tobias

[Prev in Thread]

Current Thread

[Next in Thread]

[Groff] Groff 1.17.2 and "Remote Linux Groff Exploitation via lpd", Tobias Burnus <=

Prev by Date: [Groff] Re: Bug#107459: pic can be forced to run commands in safe mode
Next by Date: [Groff] Re: Bug#107459: pic can be forced to run commands in safe mode
Previous by thread: [Groff] Re: Bug#107459: pic can be forced to run commands in safe mode
Next by thread: [Groff] Re: [OT] Printing from groff in cygwin
Index(es):
- Date
- Thread