Printtool Printer Share Password Compromise Vulnerability
BID:1037
Info
Printtool Printer Share Password Compromise Vulnerability
| Bugtraq ID: | 1037 |
| Class: | Unknown |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 09 2000 12:00AM |
| Updated: | Mar 09 2000 12:00AM |
| Credit: | First posted to BugTraq by Sheshep ankh Dubhe <[email protected]> on March 9, 2000. |
| Vulnerable: |
Redhat Linux 6.2 i386 Redhat Linux 6.1 sparc Redhat Linux 6.1 i386 Redhat Linux 6.1 alpha Mandriva Linux Mandrake 7.0 |
| Not Vulnerable: | |
Discussion
Printtool Printer Share Password Compromise Vulnerability
printtool is an X11 printer configuration tool shipped with RedHat Linux and possibly other linux distributions. When configuring a printer with printtool, the permissions of the config file are set world-readable. This is shown by an example in a bugtraq post regarding this vulnerability:
[dubhe@duat dubhe]$ ls -lsa /var/spool/lpd/lp/.config
1 -rw-r--r-- 1 root root 96 Mar 6 13:21 /var/spool/lpd/lp/.config
It is possible to obtain the printer share password since it is stored in this world-readable file:
[dubhe@duat dubhe]$ cat /var/spool/lpd/lp/.config
share='\\xxxxx\HP'
hostip=xxx.xxx.xxx.xxx
user='username'
password='1111'
workgroup='xxxxxxxx'
printtool is an X11 printer configuration tool shipped with RedHat Linux and possibly other linux distributions. When configuring a printer with printtool, the permissions of the config file are set world-readable. This is shown by an example in a bugtraq post regarding this vulnerability:
[dubhe@duat dubhe]$ ls -lsa /var/spool/lpd/lp/.config
1 -rw-r--r-- 1 root root 96 Mar 6 13:21 /var/spool/lpd/lp/.config
It is possible to obtain the printer share password since it is stored in this world-readable file:
[dubhe@duat dubhe]$ cat /var/spool/lpd/lp/.config
share='\\xxxxx\HP'
hostip=xxx.xxx.xxx.xxx
user='username'
password='1111'
workgroup='xxxxxxxx'
Exploit / POC
Printtool Printer Share Password Compromise Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Printtool Printer Share Password Compromise Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
Printtool Printer Share Password Compromise Vulnerability
References:
References:
- Updates, Fixes, and Errata Page (RedHat)