Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1220

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-1220
Last Modified 07 Mar 2011 09:04:27
Published 08 Jan 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-1220

Summary

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

Vulnerable Systems

Operating System

  • Redhat Linux 4.0

  • Redhat Linux 4.1

  • Redhat Linux 4.2

  • Redhat Linux 5.0

  • Redhat Linux 5.1

  • Redhat Linux 5.2

  • Redhat Linux 6.0

  • Redhat Linux 6.1

  • Sgi Irix 6.5

  • Sgi Irix 6.5.1

  • Sgi Irix 6.5.10

  • Sgi Irix 6.5.11

  • Sgi Irix 6.5.12

  • Sgi Irix 6.5.13

  • Sgi Irix 6.5.14f

  • Sgi Irix 6.5.14m

  • Sgi Irix 6.5.15f

  • Sgi Irix 6.5.15m

  • Sgi Irix 6.5.16f

  • Sgi Irix 6.5.16m

  • Sgi Irix 6.5.17f

  • Sgi Irix 6.5.17m

  • Sgi Irix 6.5.18f

  • Sgi Irix 6.5.18m

  • Sgi Irix 6.5.2

  • Sgi Irix 6.5.3

  • Sgi Irix 6.5.4

  • Sgi Irix 6.5.5

  • Sgi Irix 6.5.6

  • Sgi Irix 6.5.7

  • Sgi Irix 6.5.8

  • Sgi Irix 6.5.9


References

CERT-VN - VU#39001

XF - redhat-lpd-print-control(3841)

BID - 927

REDHAT - RHSA-2000:002

DEBIAN - 20000109 lpr -- access control problem and root exploit

MISC - http://www.atstake.com/research/advisories/2000/lpd_advisory.txt

BUGTRAQ - 20000108 L0pht Advisory: LPD, RH 4.x,5.x,6.x

SGI - 20021104-01-P

DEBIAN - DSA-20000109

L0PHT - 20000108 Quadruple Inverted Backflip


Last Updated: 27 May 2016 10:51:53