LPRng.Format.String
Description
This indicates an attempt to exploit a format string vulnerability in the use_syslog() function in the RedHat Linux LPRng program.
A remote attacker can send a specially-crafted packet to the LPRng daemon on a target system to execute arbitrary code on the system.
Affected Products
Trustix Trustix Secure Linux 1.1
Trustix Trustix Secure Linux 1.0
SCO eServer 2.3
SCO eDesktop 2.4
RedHat Linux 7.0
Caldera OpenLinux eBuilder 3.0
Caldera OpenLinux Desktop 2.3
Impact
Attackers may execute arbitrary code with the privileges of the lpd process.
Recommended Actions
Upgrade the system to the latest non-vulnerable version.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |