Intrusion Prevention

Rlpr.msg.Format.String

Description

This indicates a possible exploit of the "msg() format string" vulnerability in the rlpr daemon.


The rlpr daemon is a package that makes it possible to print remote files to a local printer. A format string vulnerability has been reported in its msg() function that may allow an attacker to execute arbitrary code on the vulnerable system. A remote attacker could exploit this vulnerability by supplying format string specifiers in a buffer that cannot be resolved, which is then provided to the syslog function, to overflow a buffer and execute arbitrary code on the system with the privileges of the rlprd process.
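
The logging pattern behind this class of bug, shown in its corrected form as an added example; this is not rlpr source code, and build_msg, log_remote_event and the sample input are hypothetical names and values constructed for illustration:

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Hypothetical logging helper in the style of a daemon's msg() routine.
 * Formats into a bounded buffer; returns 0 on success, -1 if truncated. */
static int build_msg(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(out, outlen, fmt, ap);   /* never writes past outlen */
    va_end(ap);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Logs a string that arrived from the network (for example a printer or
 * host name). remote_data is only ever an argument, never a format. */
int log_remote_event(const char *remote_data, char *out, size_t outlen)
{
    int rc = build_msg(out, outlen, "rejected request for: %s", remote_data);

    /* Flawed pattern described above: syslog(LOG_ERR, out);
     * That call would parse 'out' a second time as a format string, so
     * '%' directives carried in remote_data would be interpreted. */
    syslog(LOG_ERR, "%s", out);            /* constant format string */
    return rc;
}

int main(void)
{
    /* Constructed sample input containing conversion specifiers. */
    char buf[128];
    int rc = log_remote_event("lp0 %x %s", buf, sizeof buf);

    printf("rc=%d logged=\"%s\"\n", rc, buf);
    return 0;
}
```

Compiling a daemon with -Wformat -Wformat-security flags calls such as syslog(LOG_ERR, out) at build time.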

Affected Products

rlpr version 2.0 through 2.0.4

Impact

Compromise of the affected system.

Recommended Actions

Upgrade to the latest rlpr package from the following URL:
http://security.debian.org/pool/updates/main/r/rlpr

CVE References

CVE-2004-0393
