SARA detected a printer daemon but cannot determine the operating system. If the identified host is a SunOS 2.5 or 2.6 system, the printer daemon may be vulnerable. If not, then the daemon is OK. The tutorial below assumes that the host is a SunOS. A buffer overrun exists in the 'netpr' program, part of the SUNWpcu (LP) package included with Solaris, from Sun Microsystems. Versions of netpr on Solaris 2.6 and 7.
By specifying a long buffer containing machine executable code, it is possible to execute arbitrary commands as root. On Sparc, the exploits provided will spawn a root shell, whereas on x86 it will create a setuid root shell in /tmp.
As of this writing, patches are not available to the general public. Removal of the setuid bit on the /usr/lib/lp/bin/netpr program will eliminate this vulnerability. This may prevent some portions of the network printing subsystem from working.