Short Name |
LPR:ARB-FILE-UNLINK |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
LPR |
Keywords |
Sun Solaris Printd Daemon Arbitrary File Deletion |
Release Date |
2005/09/01 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects LPD connections containing crafted control files. An attacker can send lpr requests containing invalid characters, which if successful, can delete an arbitrary file from the target system resulting in data loss or a system crash.
Sun Solaris printd is affected by an arbitrary file deletion vulnerability. It was reported that a remote or local attacker can delete arbitrary files on a computer with the privileges of printd. If an attacker is able to delete sensitive files, this issue may lead to a denial of service condition.