Lucene search
HistoryAug 12, 2002 - 4:00 a.m.
CVE-2000-1208
lpr
printjob.c
format string vulnerability
privilege escalation
cve-2000-1208
nvd
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.4%
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
Affected configurations
Node
immuniximmunixMatch6.2
Node
netbsdnetbsdMatch1.4
ORnetbsdnetbsdMatch1.4.1
ORnetbsdnetbsdMatch1.4.2
ORopenbsdopenbsdMatch2.7
ORredhatlinuxMatch7.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| immunix:immunix | immunix | eq | 6.2 |
Related
cert
cert
lpd hostname authentication bypassed with spoofed DNS
2001-10-16 00:00:00
lpd allows options to be passed to sendmail
2001-10-16 00:00:00
cvelist
cvelist
CVE-2000-1208
2002-08-01 04:00:00
nessus
nessus
Mandrake Linux Security Advisory : lpr (MDKSA-2000:054)
2012-09-06 00:00:00
nvd
nvd
CVE-2000-1208
2002-08-12 04:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.4%
Related for CVE-2000-1208