Mandrake Linux Security Advisory : groff (MDKSA-2002:012)
High Nessus Plugin ID 13920
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
Descriptionzen-parse discovered an exploitable buffer overflow in groff's preprocessor. If groff is invoked using the LPRng printing system, an attacker can gain rights as the 'lp' user. Likewise, this may be remotely exploitable if lpd is running and remotely accessible and the attacker knows the name of the printer and it's spool file.
SolutionUpdate the affected packages.