CVE-2005-4797

Name of the Vulnerable Software and Affected Versions Solaris versions 7 through 10

Description A directory traversal issue exists in the printd line printer daemon (lpd) that allows remote attackers to delete arbitrary files by using ".." sequences in an "Unlink data file" command.

Recommendations For Solaris versions 7 through 10, consider restricting access to the lpd service until a patch is available. As a temporary workaround, avoid using the "Unlink data file" command with untrusted input to minimize the risk of exploitation.