Subject: Re: NetBSD Security Advisory 2001-018 Remote Buffer Overflow Vulnerability in LPD
To: None <email@example.com>
From: Perry E. Metzger <firstname.lastname@example.org>
Date: 11/23/2001 11:36:46
NetBSD Security Officer <email@example.com> writes:
> Quick workaround:
> If you are running /usr/sbin/lpd, and you do not need it, stop it.
> If you have /etc/hosts.lpd which is open to everyone, you will want to
> tighten the setup so that no malicious parties can access your
> remote printer.
You might have wanted to mention the "-s" flag to lpd, which would be
of use for many folks who would otherwise have to shut off lpd entirely.
Note that we have "-s" set in our default flags for lpd already, and
that the "-s" flag was added very very long ago.
Perry E. Metzger firstname.lastname@example.org
NetBSD Development, Support & CDs. http://www.wasabisystems.com/