Vulnerability Assessment & Network Security Forums
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.
Vulnerability Assessment Details
Check for the version of the printer-drivers package
Detailed Explanation for this Vulnerability Assessment
The remote host is missing the patch for the advisory MDKSA-2003:010 (printer-drivers).
Karol Wiesek and iDefense disovered three vulnerabilities in the printer-drivers
package and tools it installs. These vulnerabilities permit a local attacker to
empty or create any file on the filesystem.
The first vulnerability is in the mtink binary, which has a buffer overflow in
its handling of the HOME environment variable.
The second vulnerability is in the escputil binary, which has a buffer overflow
in the parsing of the --printer-name command line argument. This is only
possible when esputil is suid or sgid
in Mandrake Linux 9.0 it was sgid 'sys'.
Successful exploitation will provide the attacker with the privilege of the
The third vulnerability is in the ml85p binary which contains a race condition
in the opening of a temporary file. By default this file is installed suid root
so it can be used to gain root privilege. The only caveat is that this file is
not executable by other, only by root or group 'sys'. Using either of the two
previous vulnerabilities, a possible hacker can exploit one of them to obtain 'sys'
privilege' and then use that to exploit this vulnerability to gain root
MandrakeSoft encourages all users to upgrade immediately.
Aside from the security vulnerabilities, a number of bugfixes are included in
this update, for Mandrake Linux 9.0 users. GIMP-Print 4.2.5pre1, HPIJS 1.3,
pnm2ppa 1.12, mtink 0.9.53, and a new foomatic snapshot are included. For a list
of the many bugfixes, please refer to the RPM changelog.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:010
Network Security Threat Level: High
Networks Security ID:
Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security
|Dell Precision T7400 Workstation 2x 3.20GHz QC X5482 16GB 1TB Win 10 Pro
|HP - Pavilion Desktop - Intel Core i7 - 12GB Memory - 1TB Hard Drive - HP fin...
|NEW TK2GY XPS 13 i5-8250U 13.3-in 8GB 1TB NVMe SSD, UHD Graphics 620 Windows 10
|Seagate 1TB Laptop HDD Internal Hard Disk Drive 2.5" HDD 1TB 7mm 5400RPM SATA 6G
No Discussions have been posted on this vulnerability.