From owner-freebsd-security Thu Nov 8 5:41:20 2001
Date: Thu, 8 Nov 2001 15:39:16 +0200
From: Peter Pentchev
To: Kevin & Anita Kinsey
Cc: freebsd-security@freebsd.org
Subject: Re: Fw: Buffer overflow in lpd?
Message-ID: <20011108153916.A67725@straylight.oblivion.bg>
References: <034101c16859$67c004e0$1e69493f@Kinsey>
In-Reply-To: <034101c16859$67c004e0$1e69493f@Kinsey>; from k_a_kinsey@netzero.net on Thu, Nov 08, 2001 at 07:29:17AM -0600

On Thu, Nov 08, 2001 at 07:29:17AM -0600, Kevin & Anita Kinsey wrote:
> from http://icat.nist.gov/icat.cfm?cvename=CAN-2001-0670 :
>
> "Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various
> BSD-based operating systems allows remote attackers to execute arbitrary
> code via an incomplete print job followed by a request to display the
> printer queue."
>
> Was this fixed prior to 4.4-REL? Date on site is "prior to 10/3/2001."
> REL was Sept, correct?

All the information is there at the FreeBSD Project website.
Go to http://www.FreeBSD.org/, follow the Security link, follow
the Security Advisories link, there is a list of advisories.

SA-01:58 is labeled as 'FreeBSD-SA-01:58.lpd', suggesting that it has
something to do with, well, lpd :) This advisory lists a correction
date of 2001-08-30 (FreeBSD 4.3-STABLE) and states that "[the] base system
that will ship with FreeBSD 4.4 does not contain this problem since it
was corrected before the release".

G'luck,
Peter

-- 
If there were no counterfactuals, this sentence would not have been paradoxical.