Operating systems based on 4.3 BSD whose kernels were reorganized to accommodate the Network File System (NFS), specifically SunOS and Pyramid, contain a flaw that may lead to unauthorized information disclosure. The issue is triggered when a malicious user causes lpr to print out an arbitrary privileged file, resulting in a loss of confidentiality.
Classification
Location: Local Access Required
Attack Type: Information Disclosure
Impact: Loss of Confidentiality
Exploit: Exploit Available
Disclosure: OSVDB Verified
Technical
The access system call utilized by lpr only calls iaccess on the inode to verify that the protection of the file is acceptable. It fails to check the protection of the directory.
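The difference between the two checks, as an added example that is not part of the original advisory or of any vendor kernel source: a simplified C model in which `access_inode_only` examines only the file's inode and `access_with_dirs` also requires search permission on every containing directory. The `node` structure, the function names, the uids and the sample tree are all constructed for illustration.

```c
#include <stdio.h>

/* Simplified model (constructed); not SunOS or Pyramid kernel source. */
#define PERM_R 4
#define PERM_X 1
struct node {
    const struct node *parent; /* containing directory, NULL for root */
    int uid;                   /* owner */
    int mode;                  /* (owner rwx << 3) | other rwx */
};

/* Per-inode protection check: does uid hold `want` on this one node? */
static int inode_ok(const struct node *n, int uid, int want)
{
    int bits = (uid == n->uid) ? (n->mode >> 3) & 7 : n->mode & 7;
    return (bits & want) == want;
}

/* Flawed shape from the advisory: only the file's inode is examined. */
int access_inode_only(const struct node *file, int uid, int want)
{
    return inode_ok(file, uid, want);
}

/* Corrected shape: also require search (x) on every containing directory. */
int access_with_dirs(const struct node *file, int uid, int want)
{
    const struct node *d;
    for (d = file->parent; d != NULL; d = d->parent)
        if (!inode_ok(d, uid, PERM_X))
            return 0;
    return inode_ok(file, uid, want);
}

/* Constructed tree: / (owner rwx, other r-x), /private (owner only),
   /private/report (owner rw-, other r--). Owner is uid 10. */
static const struct node root_dir    = { NULL,         10, (7 << 3) | 5 };
static const struct node private_dir = { &root_dir,    10, (7 << 3) | 0 };
static const struct node report      = { &private_dir, 10, (6 << 3) | 4 };

int demo_flawed(int uid) { return access_inode_only(&report, uid, PERM_R); }
int demo_fixed(int uid)  { return access_with_dirs(&report, uid, PERM_R); }

int main(void)
{
    printf("uid 20 inode-only: %d, with dirs: %d\n", demo_flawed(20), demo_fixed(20));
    printf("uid 10 inode-only: %d, with dirs: %d\n", demo_flawed(10), demo_fixed(10));
    return 0;
}
```

In the model, the file's own mode bits permit reading by others, so only the directory walk reflects the protection the owner placed on `/private`.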
Solution
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.