Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0917

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0917
Last Modified 05 Sep 2008 04:22:11
Published 19 Dec 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0917

Summary

Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.

Vulnerable Systems

Operating System

  • Caldera Openlinux

  • Caldera Openlinux Edesktop 2.4

  • Caldera Openlinux Eserver 2.3

  • Redhat Linux 7.0

  • Trustix Secure Linux 1.0

  • Trustix Secure Linux 1.1

Application

  • Caldera Openlinux Ebuilder 3.0


References

CERT - CA-2000-22

XF - lprng-format-string

BID - 1712

REDHAT - RHSA-2000:065

CALDERA - CSSA-2000-033.0

BUGTRAQ - 20000925 Format strings: bug #2: LPRng

FREEBSD - FreeBSD-SA-00:56


Last Updated: 27 May 2016 10:35:56