TUCoPS :: SunOS/Solaris :: ciacb030.txt

Sun lpd Problem

         _____________________________________________________
              The Computer Incident Advisory Capability
                          ___  __ __    _     ___
                         /       |     / \   /
                         \___  __|__  /___\  \___
         _____________________________________________________
                          Information Bulletin
 
June 3, 1991, 1100 PST                                        Number B-30
 
                           SunOS lpd Problem
_________________________________________________________________________
PROBLEM: The SunOS 4.1 and 4.1.1 line printer spooler daemon (lpd) has
	a flaw that allows unauthorized deletion of files.
PLATFORM: Sun3, sun3x, sun4, sun4c architectures running SunOS 4.1 and 4.1.1
DAMAGE: Unauthorized file deletions can occur
SOLUTIONS: Apply patch-ID# 100305-01
_________________________________________________________________________
                   Critical Facts About lpd Problem

Sun Microsystems has recently released a security bulletin (#00108)
concerning a problem with the line printer spooler daemon (lpd).  
This problem can allow an unauthorized person to use the SunOS 4.1 and
4.1.1 lpd to delete files.  

Sun Microsystems has provided corrected lpd files for the various
architectures and versions of SunOS affected.  These files are in the
compressed tarfile 100305-01.tar.Z   This file can be obtained from Sun
by specifying "Patch-ID# 100305-01".  Alternately, the file can be
obtained via anonymous FTP from ftp.uu.net as
"sun-dist/100305-01.tar.Z". The checksum (sum(1V)) of the file
100305-01.tar.Z is "31440   239".

Instructions for obtaining this patch from ftp.uu.net are:

  (Login as root)
  # ftp ftp.uu.net
  ...
  Name (ftp.uu.net:root): anonymous
  331 Guest login ok, send ident as password.
  Password: <put your e-mail address here>
  230 Guest login ok, access restrictions apply.
  ftp> cd sun-dist
  ftp> binary
  ftp> get 100305-01.tar.Z
  ...
  ftp> quit
  #

Instruction for applying this patch are:

  (Login as root)
  (cd to directory containing the compressed tar patch file)
  (Verify the integrity of the compressed tar patch file.
  # sum 100305-01.tar.Z
  31440   239
  (If the numbers you get are not these, DO NOT proceed! You have a bad
  (  patch file. Delete the patch file and try to obtain a proper copy.
  # uncompress 100305-01.tar.Z
  # mkdir sunpatch
  # cd sunpatch
  # tar xvf ../100305-01.tar
  (Kill the running lpd:
  # ps -ax | grep lpd
  (You should see something like:
  (          134 ?  IW    0:00 /usr/lib/lpd
  (        26753 p5 S     0:00 grep lpd
  (  Insert the "pid" (the first number on the line) of /usr/lib/lpd into
  (   the next command, i.e. in this case, one would substitute 134.
  (  If you have more than one copy of lpd running, repeat the "kill -9"
  (   command for each "pid" found.
  # kill -9 {pid of /usr/lib/lpd}
  (Save old lpd
  # mv /usr/lib/lpd /usr/lib/lpd.FCS
  # chmod 100 /usr/lib/lpd.FCS
  (copy the upgraded lpd file to /usr/lib
  (   Substitute as appropriate for your architecture and SunOS version:
  # cp sun{3,3x,4,4c}/{4.1,4.1.1}/lpd /usr/lib/lpd
  # chmod 6755 /usr/lib/lpd
  # chown root /usr/lib/lpd
  # chgrp daemon /usr/lib/lpd
  (Verify your work:
  # ls -lg /usr/lib/lpd
  -rwsr-sr-x  1 root      daemon    ????? ??? ?? ??:?? /usr/lib/lpd
  (Restart the lpd daemon:
  # rm -f /dev/printer /var/spool/lpd.lock
  # /usr/lib/lpd
  (Verify that the lpd daemon restarted:
  # ps -ax | grep lpd
  (Cleanup:
  # cd ..
  # rm -r sunpatch
  # rm 100305-01.tar

For additional information or assistance, please contact CIAC:

	Hal Brand
        (415) 422-6312 or (FTS) 532-6312
 	brand@addvax.llnl.gov

 	Call CIAC at (415) 422-8193 or (FTS) 532-8193 or send e-mail
 	to ciac@cheetah.llnl.gov.  

 	Send FAX messages to:  (415) 423-0913 or (FTS) 543-0913.

Sun Microsystems provided some of the information used in this
bulletin.  This document was prepared as an account of work sponsored
by an agency of the United States Government. Neither the United States
Government nor the University of California nor any of their employees,
makes any warranty, express or implied, or assumes any legal liability
or responsibility for the accuracy, completeness, or usefulness of any
information, apparatus, product, or process disclosed, or represents
that its use would not infringe privately owned rights. Reference
herein to any specific commercial products, process, or service by
trade name, trademark, manufacturer, or otherwise, does not necessarily
constitute or imply its endorsement, recommendation or favoring by the
United States Government or the University of California. The views and
opinions of authors expressed herein do not necessarily state or
reflect those of the United States Government or the University of
California, and shall not be used for advertising or product
endorsement purposes.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH