CVE-2000-1220
7.2 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.011 Low
EPSS
Percentile
84.0%
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
References
ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P
seclists.org/lists/bugtraq/2000/Jan/0116.html
www.atstake.com/research/advisories/2000/lpd_advisory.txt
www.debian.org/security/2000/20000109
www.kb.cert.org/vuls/id/39001
www.l0pht.com/advisories/lpd_advisory
www.redhat.com/support/errata/RHSA-2000-002.html
www.securityfocus.com/bid/927
exchange.xforce.ibmcloud.com/vulnerabilities/3841
7.2 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.011 Low
EPSS
Percentile
84.0%