HP-UX rlpdaemon logic flaw could allow arbitrary code execution

hp-rlpdaemon-logic-flaw (7234) The risk level is classified as High Risk

Description:

Many commercial and open-source operating systems are adapted from BSD Unix. HP-UX is shipped with a line printer daemon adapted from BSD Unix that is similar to in.lpd in other Unix variants. The Line Printer Daemon is used to allow heterogeneous Unix environments to share printers over a network.

A logic flaw in rlpdaemon may allow remote attackers to send a specially crafted print request that creates arbitrary files or directories on the target system. Given the ability to write to arbitrary files, remote attackers may gain access to the target system. This vulnerability is particularly serious because rlpdaemon is installed and configured by default and is active even if it is not being used. An attacker needs no local account and no knowledge of the target system's configuration to exploit this vulnerability.

Platforms Affected:

  • HP, HP-UX 10.01
  • HP, HP-UX 10.10
  • HP, HP-UX 10.20
  • HP, HP-UX 11.00
  • HP, HP-UX 11.11

Remedy:

Apply the appropriate patch for your system, as listed in Internet Security Systems Security Advisory #102. See References.

Consequences:

Gain Access

References:

Reported:

Nov 20, 2001

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
