Vulnerabilities > CVE-2004-0454 - Multiple vulnerability in Rlpr msg() Function
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-524.NASL |
description | discovered a format string vulnerability in rlpr, a utility for lpd printing without using /etc/printcap. While investigating this vulnerability, a buffer overflow was also discovered in related code. By exploiting one of these vulnerabilities, a local or remote user could potentially cause arbitrary code to be executed with the privileges of 1) the rlprd process (remote), or 2) root (local). CAN-2004-0393: format string vulnerability via syslog(3) in msg() function in rlpr CAN-2004-0454: buffer overflow in msg() function in rlpr |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15361 |
published | 2004-09-29 |
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15361 |
title | Debian DSA-524-1 : rlpr - several vulnerabilities |