SCO OpenServer lpadmin Buffer Overflow Vulnerability

SCO OpenServer lpadmin Buffer Overflow Vulnerability

SCO OpenServer 5.0.6 (and possibly earlier versions) ships with several suid 'bin' executables used in printer administration and related tasks.

This includes lpadmin, a component used to manage and configure print destinations, devices and printer interface programs.

'lpadmin' contains a locally exploitable buffer overflow condition present in the handling of command-line parameters.

If properly exploited, this can yield user 'bin' privileges to the attacker.