Rapid7 Vulnerability & Exploit Database

RHSA-2002:004: New groff packages available to fix security problems

Back to Search

RHSA-2002:004: New groff packages available to fix security problems

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
02/27/2002
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

New groff packages have been made available that fix an overflow in groff. If the printing system running this is a security issue, it is recommended to update to the new, fixed packages.

Groff is a document formatting system. The groff preprocessor contains an exploitable buffer overflow. If groff can be invoked within the LPRng printing system, an attacker can gain rights as the "lp" user. Remote exploitation may be possible if lpd is running and is accessible remotely, and the attacker knows the name of the printer and spoolfile. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0003 to this issue. Thanks to zen-parse for bringing this bug to our attention.

Solution(s)

  • redhat-upgrade-groff
  • redhat-upgrade-groff-gxditview
  • redhat-upgrade-groff-perl

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;