The CERT Coordination Centre, a research and development centre funded by the US government, warned that multiple vulnerabilities exist in several implementations of the line printer systems software. These holes could allow intruders to gain root privileges and launch denial-of-service attacks through IBM AIX, FreeBSD, netBSD and openBSD line printers, and Hewlett-Packard's HP-UX line printers.
CERT said some of the problems had already been publicised, but added: "We believe many systems and network administrators may have overlooked one or more of these vulnerabilities."
In an advisory statement, CERT said: "We are issuing this document primarily to encourage systems and network administrators to check their systems for exposure to each of these vulnerabilities, even if they have addressed some vulnerabilities recently."
The problems relate to buffer overflow issues that allow remote users to gain root access to servers, the statement said.
An intruder can send a specially crafted print job to the target and then request a display of the print queue to trigger the buffer overflow. The intruder may be able use this overflow to execute arbitrary commands on the system with so-called super-user privileges.
Patches exist for some of the holes, and individual vendors should be contacted. A more detailed explanation of these problems can be found on CERT's advisory page.