Lucene search

[email protected]CVE-2000-1220

HistoryApr 21, 2005 - 4:00 a.m.

CVE-2000-1220

2005-04-2104:00:00

[email protected]

web.nvd.nist.gov

cve-2000-1220

linux

lpd

root privileges

sendmail

lpr package

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.3%

JSON

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

Affected configurations

NVD

Node

sgiirixMatch6.5

sgiirixMatch6.5.1

sgiirixMatch6.5.2

sgiirixMatch6.5.3

sgiirixMatch6.5.4

sgiirixMatch6.5.5

sgiirixMatch6.5.6

sgiirixMatch6.5.7

sgiirixMatch6.5.8

sgiirixMatch6.5.9

sgiirixMatch6.5.10

sgiirixMatch6.5.11

sgiirixMatch6.5.12

sgiirixMatch6.5.13

sgiirixMatch6.5.14f

sgiirixMatch6.5.14m

sgiirixMatch6.5.15f

sgiirixMatch6.5.15m

sgiirixMatch6.5.16f

sgiirixMatch6.5.16m

sgiirixMatch6.5.17f

sgiirixMatch6.5.17m

sgiirixMatch6.5.18f

sgiirixMatch6.5.18m

Node

redhatlinuxMatch4.0

redhatlinuxMatch4.1

redhatlinuxMatch4.2

redhatlinuxMatch5.0

redhatlinuxMatch5.1

redhatlinuxMatch5.2i386

redhatlinuxMatch6.0

redhatlinuxMatch6.1i386

CPENameOperatorVersion
sgi:irixsgi irixeq6.5
sgi:irixsgi irixeq6.5.1
sgi:irixsgi irixeq6.5.2
sgi:irixsgi irixeq6.5.3
sgi:irixsgi irixeq6.5.4
sgi:irixsgi irixeq6.5.5
sgi:irixsgi irixeq6.5.6
sgi:irixsgi irixeq6.5.7
sgi:irixsgi irixeq6.5.8
sgi:irixsgi irixeq6.5.9

CPE	Name	Operator	Version
sgi:irix	sgi irix	eq	6.5
sgi:irix	sgi irix	eq	6.5.1
sgi:irix	sgi irix	eq	6.5.2
sgi:irix	sgi irix	eq	6.5.3
sgi:irix	sgi irix	eq	6.5.4
sgi:irix	sgi irix	eq	6.5.5
sgi:irix	sgi irix	eq	6.5.6
sgi:irix	sgi irix	eq	6.5.7
sgi:irix	sgi irix	eq	6.5.8
sgi:irix	sgi irix	eq	6.5.9

Rows per page:

1-10 of 241

References

ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P

seclists.org/lists/bugtraq/2000/Jan/0116.html

www.atstake.com/research/advisories/2000/lpd_advisory.txt

www.debian.org/security/2000/20000109

www.kb.cert.org/vuls/id/39001

www.l0pht.com/advisories/lpd_advisory

www.redhat.com/support/errata/RHSA-2000-002.html

www.securityfocus.com/bid/927

exchange.xforce.ibmcloud.com/vulnerabilities/3841

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.3%

JSON

Related for CVE-2000-1220

nvd2 debiancve1 cvelist2 cve1