LPRng.Format.String

description-logoDescription

This indicates an attempt to exploit a format string vulnerability in the use_syslog() function in the RedHat Linux LPRng program.


A remote attacker can send a specially-crafted packet to the LPRng daemon on a target system to execute arbitrary code on the system.

affected-products-logoAffected Products

Trustix Trustix Secure Linux 1.1
Trustix Trustix Secure Linux 1.0
SCO eServer 2.3
SCO eDesktop 2.4
RedHat Linux 7.0
Caldera OpenLinux eBuilder 3.0
Caldera OpenLinux Desktop 2.3

Impact logoImpact

Attackers may execute arbitrary code with the privileges of the lpd process.

recomended-action-logoRecommended Actions

Upgrade the system to the latest non-vulnerable version.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)