Steve wrote: > > However, for those running affected versions of lpd, > that daemon LISTENS on port 515. Crackers simply aim > their buffer overflow at port 515, and that gains them > access (assuming it's not firewalled).
Sorry, Steve, I don't quite understand this one. More details would be appreciated. I understand that lpd is on port 515 and that its buffer can be overflowed, but I don't see how that gives the cracker meaningful access to the system. On Slackware at least, lpd does not have root priviledges and it isn't given a shell. I have trouble seeing how a cracker could proceed from there. However, I am ready to learn and would welcome an explanation. Cheers, Steven
