How to Buy
This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
Updated LPRng packages resolving a temporary file vulnerability are
LPRng is a print spooler. LPRng includes a program, psbanner, that can
be used to produce Postscript banner pages to separate print jobs.
A vulnerability has been found in psbanner, which creates in an
insecure manner a temporary file with a known filename. An attacker
could create a symbolic link and cause arbitrary files to be written
as the lp user.
Note: psbanner is not used by the default Red Hat Enterprise Linux
Users that have configured LPRng to use psbanner should install these
updated packages, which contain a patch so that psbanner does not
create the temporary file.
See also :
Update the affected LPRng package.
Risk factor :
Low / CVSS Base Score : 2.1
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12391 ()
CVE ID: CVE-2003-0136
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.