Solaris lpset -r Buffer Overflow Vulnerability

Sun has made the following patches available from

SunOS 5.8 109320-01
SunOS 5.8_x86 109321-01
SunOS 5.7 107115-05
SunOS 5.7_x86 107115-05
SunOS 5.6 106235-06
SunOS 5.6_x86 106236-06

Checksums are available at:

Removal of the setuid bit on the lpset executable will remove this problem. As this program is intended to only be runable by root, and members of the 'sysadmin' group (group14), removal of this bit should not have a significant impact.


Privacy Statement
Copyright 2010, SecurityFocus