Remote Linux Groff Exploitation Via LPD Vulnerability

lpd is the print spooling daemon. It is used to support network printing on a variety of unix platforms.

The version of lpd that ships with linux systems invokes groff to process documents that are to be printed. The groff utility used to process images, 'pic', contains a vulnerability that can be exploited to execute arbitrary commands on the victim.

It may be possible for remote attackers to exploit this vulnerability through lpd.


 

Privacy Statement
Copyright 2010, SecurityFocus