RHSA-2002:004: New groff packages available to fix security problems
Description
New groff packages have been made available that fix an overflow in groff. If the printing system running this is a security issue, it is recommended to update to the new, fixed packages.
Groff is a document formatting system. The groff preprocessor contains an exploitable buffer overflow. If groff can be invoked within the LPRng printing system, an attacker can gain rights as the "lp" user. Remote exploitation may be possible if lpd is running and is accessible remotely, and the attacker knows the name of the printer and spoolfile. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0003 to this issue. Thanks to zen-parse for bringing this bug to our attention.
Solution(s)
- redhat-upgrade-groff
- redhat-upgrade-groff-gxditview
- redhat-upgrade-groff-perl
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center