Description
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
Affected products
- caldera / openlinux
- caldera / openlinux_ebuilder3.0 β 3.0
- caldera / openlinux_edesktop2.4 β 2.4
- caldera / openlinux_eserver2.3 β 2.3
- RedHat / linux7.0 β 7.0
- trustix / secure_linux1.0 β 1.0
- trustix / secure_linux1.1 β 1.1
References
- VENDOR_ADVISORYftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc
- VENDOR_ADVISORYhttp://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt
- VENDOR_ADVISORYhttp://www.cert.org/advisories/CA-2000-22.html
- MISChttp://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html
- MISChttp://www.redhat.com/support/errata/RHSA-2000-065.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/5287
- MISChttp://www.securityfocus.com/bid/1712