CVE-2000-1220

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*

History

20 Nov 2024, 23:34

Type Values Removed Values Added
References () ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P - () ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P -
References () http://seclists.org/lists/bugtraq/2000/Jan/0116.html - () http://seclists.org/lists/bugtraq/2000/Jan/0116.html -
References () http://www.atstake.com/research/advisories/2000/lpd_advisory.txt - () http://www.atstake.com/research/advisories/2000/lpd_advisory.txt -
References () http://www.debian.org/security/2000/20000109 - () http://www.debian.org/security/2000/20000109 -
References () http://www.kb.cert.org/vuls/id/39001 - US Government Resource () http://www.kb.cert.org/vuls/id/39001 - US Government Resource
References () http://www.l0pht.com/advisories/lpd_advisory - () http://www.l0pht.com/advisories/lpd_advisory -
References () http://www.redhat.com/support/errata/RHSA-2000-002.html - () http://www.redhat.com/support/errata/RHSA-2000-002.html -
References () http://www.securityfocus.com/bid/927 - () http://www.securityfocus.com/bid/927 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/3841 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/3841 -

Information

Published : 2000-01-08 05:00

Updated : 2024-11-20 23:34


NVD link : CVE-2000-1220

Mitre link : CVE-2000-1220

CVE.ORG link : CVE-2000-1220


JSON object : View

Products Affected

sgi

  • irix

redhat

  • linux