Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0880

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-2000-0880
Last Modified 05 Sep 2008 04:22:06
Published 14 Nov 2000 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-0880

Summary

LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file.

Vulnerable Systems

Application

  • Plus Technologies Lpplus 3.2.2

  • Plus Technologies Lpplus 3.3


References

XF - lpplus-process-perms-dos

BID - 1643

BUGTRAQ - 20000906 Multiple Security Holes in LPPlus


Last Updated: 27 May 2016 10:35:54