Name | sol_printer_conf |
---|---|
CVE | CVE-2008-2144 Exploit Pack |
VENDOR: Sun | |
Advisory: http://sunsolve.sun.com/search/document.do?assetkey=1-66-236884-1 | |
Notes: |
This exploit gets remote root on Solaris servers given a working printer
name.
Resolved by:
SPARC Platform
x86 Platform
Guessing the wrong printer gives a log message in /var/adm/messages
Jun 4 12:00:56 unknown bsd-gw[1979]: [ID 937800 lpr.error] request to printer (unknown printer) from ::ffff:192.168.172.1
Locally:
cat /var/spool/lp/system/pstatus
Will print out a list of printers. huhu2 is the printer name below:
+==========
huhu2
enabled accepting
1210965172 1210965198
new printer
new destination
Date public: 5/9/2008
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2144
CVSS: 10.0