Vulnerability Details CVE-2000-1208
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.3%
CVSS Severity
CVSS v2 Score 7.2
References
- http://marc.info/?l=bugtraq&m=96994604300675&w=2
- http://online.securityfocus.com/archive/1/137555
- http://www.iss.net/security_center/static/5286.php
- http://www.redhat.com/support/errata/RHSA-2000-066.html
- http://www.securityfocus.com/bid/1711
- http://marc.info/?l=bugtraq&m=96994604300675&w=2
- http://online.securityfocus.com/archive/1/137555
- http://www.iss.net/security_center/static/5286.php
- http://www.redhat.com/support/errata/RHSA-2000-066.html
- http://www.securityfocus.com/bid/1711
Products affected by CVE-2000-1208
-
cpe:2.3:a:immunix:immunix:6.2
-
cpe:2.3:o:netbsd:netbsd:1.4
-
cpe:2.3:o:netbsd:netbsd:1.4.1
-
cpe:2.3:o:netbsd:netbsd:1.4.2
-
cpe:2.3:o:openbsd:openbsd:2.7
-
cpe:2.3:o:redhat:linux:7.0