Lucene search
K

107 matches found

CVE
CVE
added 2002/08/01 4:0 a.m.59 views

CVE-2000-1208

CVE-2000-1208 affects BSD-based lpr/lpd (print subsystem). It is a format-string vulnerability in startprinting() inside printjob.c that can allow local privilege escalation via a faulty syslog call using strings from checkremote(). The vulnerability is tied to the lpr/lpd package and has been ad...

7.2CVSS6.5AI score0.00368EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2002/03/09 5:0 a.m.69 views

CVE-1999-1102

The CVE-1999-1102 entry concerns lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1 and other BSD-based systems. The vulnerability arises from a symlink-related attack in lpr that enables local users to create or overwrite arbitrary files after the program is invoked 1000 times. Root cause is a symlink hand...

2.1CVSS6.8AI score0.00436EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.23 views

CVE-1999-1102

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times...

6.4AI score0.00436EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2000/10/21 12:0 a.m.35 views

redhat.lpr.txt

details of an exploit agains lpr-0.50-4 at least also affects other systems that may have the same print filters URL : http://crash.ihug.co.nz/Sneuro/lpd-adv.txt AFFECTS : lpr-0.50-4 & earlier SEVERITY : local ROOT possible. SYNOPSIS : escalation of group permissions, leading to exploit for every...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/10/20 12:0 a.m.45 views

lpd: elevated privs - sometimes root

details of an exploit agains lpr-0.50-4 at least also affects other systems that may have the same print filters URL : http://crash.ihug.co.nz/Sneuro/lpd-adv.txt AFFECTS : lpr-0.50-4 & earlier SEVERITY : local ROOT possible. SYNOPSIS : escalation of group permissions, leading to exploit for every...

7.8AI score
Exploits0
Exploit DB
Exploit DB
added 2000/10/20 12:0 a.m.34 views

BSD 'lpr' 0.54 -4 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/1834/info lpr is a set of printing tools for unix systems. The lpr package that ships with RedHat Linux 6.2 and possibly earlier versions contains a vulnerability that will allow an attacker to execute arbitrary commands with the privileges of group 'lp'...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/10/20 12:0 a.m.44 views

Серьезная дырка в LPR (PostScript shell execution & grog)

При печати PostScript документов выполняются shell-команды содержащиеся в документах, при этом не сбрасывается egid lp, что позволяет получить gid lp, кроме того, в отдельных случаях возможно получить root используя некорректный вызов к программе pic в grog...

0.6AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2000/10/20 12:0 a.m.22 views

BSD lpr 0.54 -4 - Arbitrary Command Execution

BSD lpr 0.54 -4 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/1834/info lpr is a set of printing tools for unix systems. The lpr package that ships with RedHat Linux 6.2 and possibly earlier versions contains a vulnerability that will allow an attacker to execute arbitra...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2000/10/05 12:0 a.m.41 views

Дырка в LPRng и lpr.

Ошибка форматной строки в lpd, причем последний работает как suid root. Кроме того ошибки форматной строки и преобразования данных в lpr...

0.9AI score
Exploits0References3Affected Software3
securityvulns
securityvulns
added 2000/09/26 12:0 a.m.32 views

Дырки в LPR-утилитах BSD

Ошибка форматной строки...

0.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2000/09/26 12:0 a.m.36 views

Format strings: bug #1: BSD-lpr

Hi, INTRO ----- Welcome to a short series of security bugs, all involving mistakes with "user supplied format strings". This class of bug is very popular on Bugtraq at the moment, so what an ideal time for a few examples. BSD-lpr ------- If we look into lpr/lpd/printjob.c, we can find the followi...

Exploits0
Debian
Debian
added 2000/01/09 5:12 p.m.1 views

[SECURITY] New version of lpr released

Package: lpr Vulnerability type: remote exploit Debian-specific: no The version of lpr that was distributed with Debian GNU/Linux 2.1 and the updated version released in 2.1r4 have a two security problems: the client hostname wasnt verified properly, so if someone is able to control the DNS entry...

6AI score
Exploits0
Debian
Debian
added 2000/01/09 12:0 a.m.24 views

[SECURITY] New version of lpr released

------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman January 9, 2000 - ------------------------------------------------------------------------ Package: lpr Vulnerability type: remote...

1.7AI score
Exploits0
OSV
OSV
added 2000/01/08 5:0 a.m.5 views

CVE-2000-1221

The line printer daemon lpd in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by...

6.8AI score
Exploits0References8
OSV
OSV
added 2000/01/08 5:0 a.m.3 views

DEBIAN-CVE-2000-1220

The line printer daemon lpd in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file...

10CVSS7.4AI score0.14217EPSS
Exploits0References1
NVD
NVD
added 1999/12/31 5:0 a.m.23 views

CVE-1999-1102

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times...

2.1CVSS6.4AI score0.00436EPSS
Exploits1References3
Debian
Debian
added 1999/10/30 3:22 p.m.1 views

[SECURITY] New versions of lpr released

The version of lpr that was distributed with Debian GNU/Linux 2.1 suffers from a couple of problems: there was a race in lpr that could be exploited by users to print files they can not normally read lpd did not check permissions of queue-files. As a result by using the -s flag it could be tricke...

5.8AI score
Exploits0
Debian
Debian
added 1999/10/30 12:0 a.m.14 views

[SECURITY] New versions of lpr released

------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman October 30, 1999 - ------------------------------------------------------------------------ The version of lpr that was...

1.5AI score
Exploits0
Packet Storm
Packet Storm
added 1999/09/19 12:0 a.m.31 views

SCO_lpr_vuln.txt

Subject: SCO 5.0.5 lpr local root exploit To: [email protected] Greetings, There is a hole in SCO 5.0.5, probably 5.0.x, /usr/bin/lpr. Or more accurately, /usr/lpd/remote/lp, which lpr execs and passes your command line args on to. This means that while /usr/bin/lpr is sgid lp, we'll stil...

0.3AI score
Exploits0
Debian
Debian
added 1998/08/28 12:7 a.m.11 views

[SECURITY] Current versions of lpr fixes security problem

We have received reports that buffer overflows in lprm may allow users to gain root access to the local system. We recommend that you use the binaries from hamm or any newer release. dpkg -i file.deb will install the referred file. Debian GNU/Linux 2.0 alias hamm Source archives:...

6AI score
Exploits0
Rows per page
Query Builder