Users login

Create an account »


Users login

Home » Hacking News » DOS Attacks Possible Via Printer Networks - CERT

DOS Attacks Possible Via Printer Networks - CERT

by Majik on November 6th, 2001 Certain printer networks could be used to trigger denial of service (DOS) attacks through vulnerabilities in the systems' line printer daemon (LPD) implementations, warns the Computer Emergency Response Team (CERT).

"Most of these vulnerabilities are buffer overflows allowing a remote intruder to gain root access to the LPD server," according to an alert posted on CERT's Web site. DOS attacks are carried out by intruders who target a Web site with massive amounts of traffic using a multitude of compromised systems.

The gaps exist in older BSD (Berkeley Software Design) line printers, IBM AIX systems and Hewlett-Packard line printers, CERT reported.

Generally, these vulnerabilities - all remotely accessible - enable intruders to execute arbitrary code with the privileges of the LPD server, CERT said. But in some cases an intruder must have access to a machine listed in /etc/hosts.equiv or /etc/hosts.lpd. Sometimes, an intruder must be able to control a name server.

In the IBM AIX systems, for example, buffer overflow exists in the kill_print(), send_status() and chk_fhost() functions of the LPD. In all three cases, intruders could use the vulnerability to obtain root privileges or launch a DOS attack, the alert said.

A buffer overflow vulnerability in the BSD line printer daemon permits remote execution of arbitrary commands with elevated privileges, as does the line printer daemon (rlpdaemon) on HP-UX systems, said CERT.

Even though some of the vulnerabilities have already been publicized, CERT said network administrators may not have addressed all the problems and advise them to re-check their systems. Patches are available at the CERT site or from vendors.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »