local privilege escalation, in lprng, html2ps

2002-10-3111:02:36

lists.opensuse.org

0.04 Low

EPSS

Percentile

92.1%

JSON

The lprng package contains the “runlpr” program which allows the lp user to execute the lpr program as root. Local attackers can pass certain commandline arguments to lpr running as root, fooling it to execute arbitrary commands as root. This has been fixed. Note that this vulnerability can only be exploited if the attacker has previously gained access to the lp account.

OSVersionArchitecturePackageVersionFilename
openSUSE7.3i386html2ps< 1.0b3-457html2ps-1.0b3-457.i386.rpm
openSUSE7.1ppchtml2ps< 1.0b1-303html2ps-1.0b1-303.ppc.rpm
openSUSE7.3sparchtml2ps< 1.0b3-88html2ps-1.0b3-88.sparc.rpm
openSUSE7.2i386html2ps< 1.0b1-432html2ps-1.0b1-432.i386.rpm
openSUSE7.0ppchtml2ps< 1.0b1-302html2ps-1.0b1-302.ppc.rpm
openSUSE8.1i586lpdfilter< 0.43-63lpdfilter-0.43-63.i586.rpm
openSUSE7.0i386html2ps< 1.0b1-428html2ps-1.0b1-428.i386.rpm
openSUSE8.0i386html2ps< 1.0b3-456html2ps-1.0b3-456.i386.rpm
openSUSE7.1i386html2ps< 1.0b1-431html2ps-1.0b1-431.i386.rpm
openSUSE7.0alphahtml2ps< 1.0b1-328html2ps-1.0b1-328.alpha.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE	7.3	i386	html2ps	< 1.0b3-457	html2ps-1.0b3-457.i386.rpm
openSUSE	7.1	ppc	html2ps	< 1.0b1-303	html2ps-1.0b1-303.ppc.rpm
openSUSE	7.3	sparc	html2ps	< 1.0b3-88	html2ps-1.0b3-88.sparc.rpm
openSUSE	7.2	i386	html2ps	< 1.0b1-432	html2ps-1.0b1-432.i386.rpm
openSUSE	7.0	ppc	html2ps	< 1.0b1-302	html2ps-1.0b1-302.ppc.rpm
openSUSE	8.1	i586	lpdfilter	< 0.43-63	lpdfilter-0.43-63.i586.rpm
openSUSE	7.0	i386	html2ps	< 1.0b1-428	html2ps-1.0b1-428.i386.rpm
openSUSE	8.0	i386	html2ps	< 1.0b3-456	html2ps-1.0b3-456.i386.rpm
openSUSE	7.1	i386	html2ps	< 1.0b1-431	html2ps-1.0b1-431.i386.rpm
openSUSE	7.0	alpha	html2ps	< 1.0b1-328	html2ps-1.0b1-328.alpha.rpm

Rows per page:

1-10 of 121

0.04 Low

EPSS

Percentile

92.1%

JSON

Related for SUSE-SA:2002:040