Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Nov 2024, 23:44
Type | Values Removed | Values Added |
---|---|---|
References | () ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/010_lprm.patch - | |
References | () ftp://patches.sgi.com/support/free/security/advisories/20030406-02-P - | |
References | () http://marc.info/?l=bugtraq&m=104690434504429&w=2 - | |
References | () http://marc.info/?l=bugtraq&m=104714441925019&w=2 - | |
References | () http://secunia.com/advisories/8293 - | |
References | () http://www.debian.org/security/2003/dsa-267 - | |
References | () http://www.debian.org/security/2003/dsa-275 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2003:059 - | |
References | () http://www.novell.com/linux/security/advisories/2003_014_lprold.html - | |
References | () http://www.securityfocus.com/bid/7025 - Exploit, Patch, Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/11473 - |
Information
Published : 2003-03-31 05:00
Updated : 2024-11-20 23:44
NVD link : CVE-2003-0144
Mitre link : CVE-2003-0144
CVE.ORG link : CVE-2003-0144
JSON object : View
Products Affected
lprold
- lprold
openbsd
- openbsd
bsd
- lpr
freebsd
- freebsd
CWE