Vulnerability Name:

CCN-13735

Published:2003-11-11
Updated:2003-11-11
Summary:The printer service (lpd) enables printing from either the local computer or a remote system. Programming flaws in this service mean that the service is susceptible to buffer overflow attacks. Access should only be allowed from remote systems that require access. To verify that the configuration of TCP Wrappers is correct, use the tcpdchk and tcpdmatch utilities. Because TCP Wrappers does not 'fail safe', it is advisable to put an 'ALL: ALL' entry in the /etc/hosts.deny file, and then explicitly allow required services in the /etc/hosts.allow file.
CVSS v3 Severity:
CVSS v2 Severity:
Vulnerability Consequences:Informational
References:Source: CCN
Type: SANS Web site
The Twenty Most Critical Internet Security Vulnerabilities

Source: XF
Type: UNKNOWN
lpd-wrapper-allow(13735)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • AND
  • cpe:/o:sun:solaris:2.6::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:8::sparc:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:7.0::sparc:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    hp hp-ux 10.20
    sun solaris 2.6
    sun solaris 8
    hp hp-ux 11
    redhat linux 7
    redhat linux 7.1
    redhat linux 7.2
    redhat linux 7.3
    sun solaris 9
    sun solaris 7.0