Lpd over the Internet

Impact

This vulnerability allows remote users, or hackers, to write print jobs to a printer queue via the Internet. Thus, unauthorized remote users can fill the print queue and make the printer inaccessible to other users.

Background

The print process is controlled by a process called lpd. The lpd process is a UNIX daemon that accepts print requests from local and remote users.

The Problem

This vulnerability might allow hackers to write numerous print jobs to a printer on the target system, and then pause the print process. By doing so, the hacker denies print services to all users.

Resolution

The resolution to this vulnerability is to disable the lpd process, which may be done by editing the inetd.conf file, commenting out the lpd service, and by sending a HUP (a restart signal, usually sent to a process after its configuration has changed), signal to the inetd process. If it is not feasible to disable the lpd service, then you should at least limit access to the vulnerable services to machines in your local network. This can be done by installing TCP wrappers.