VULHUB ™

Certain versions of IRIX ship with a version of lpstat which is vulnerable to a buffer overflow attack. The program, lpstat, is used to check the status of the printer being used by the IRIX machine. The problem is in the command line parsing section of the code whereby a user can supply an overly long string and overflow the buffer resulting in a possible root compromise.

Certain versions of IRIX ship with a version of lpstat which is vulnerable to a buffer overflow attack. The program, lpstat, is used to check the status of the printer being used by the IRIX machine. The problem is in the command line parsing section of the code whereby a user can supply an overly long string and overflow the buffer resulting in a possible root compromise.