Lucene search

[email protected]CVE-2000-0881

HistoryNov 14, 2000 - 5:00 a.m.

CVE-2000-0881

2000-11-1405:00:00

[email protected]

web.nvd.nist.gov

lpplus

dccsan

cve-2000-0881

user permission

file printing

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.

Affected configurations

NVD

Node

plus_technologieslpplusMatch3.2.2

plus_technologieslpplusMatch3.3

CPENameOperatorVersion
plus_technologies:lpplusplus technologies lppluseq3.2.2
plus_technologies:lpplusplus technologies lppluseq3.3

CPE	Name	Operator	Version
plus_technologies:lpplus	plus technologies lpplus	eq	3.2.2
plus_technologies:lpplus	plus technologies lpplus	eq	3.3

References

archives.neohapsis.com/archives/bugtraq/2000-08/0531.html

www.securityfocus.com/bid/1644

exchange.xforce.ibmcloud.com/vulnerabilities/5201

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2000-0881

nvd1 cvelist1