Vulnerability Details CVE-2001-1583
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.555
EPSS Ranking 97.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://marc.info/?l=bugtraq&m=99929694701826&w=2
- http://metasploit.com/projects/Framework/modules/exploits/solaris_lpd_exec.pm
- http://www.derkeiler.com/Mailing-Lists/securityfocus/incidents/2001-08/0490.html
- http://www.osvdb.org/15131
- http://www.securityfocus.com/bid/3274
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7087
- http://marc.info/?l=bugtraq&m=99929694701826&w=2
- http://metasploit.com/projects/Framework/modules/exploits/solaris_lpd_exec.pm
- http://www.derkeiler.com/Mailing-Lists/securityfocus/incidents/2001-08/0490.html
- http://www.osvdb.org/15131
- http://www.securityfocus.com/bid/3274
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7087
Products affected by CVE-2001-1583
-
cpe:2.3:o:sun:sunos:-
-
cpe:2.3:o:sun:sunos:3.5
-
cpe:2.3:o:sun:sunos:4.0
-
cpe:2.3:o:sun:sunos:4.0.1
-
cpe:2.3:o:sun:sunos:4.0.2
-
cpe:2.3:o:sun:sunos:4.0.3
-
cpe:2.3:o:sun:sunos:4.0.3c
-
cpe:2.3:o:sun:sunos:4.1
-
cpe:2.3:o:sun:sunos:4.1.1
-
cpe:2.3:o:sun:sunos:4.1.2
-
cpe:2.3:o:sun:sunos:4.1.3
-
cpe:2.3:o:sun:sunos:4.1.3c
-
cpe:2.3:o:sun:sunos:4.1.3u1
-
cpe:2.3:o:sun:sunos:4.1.4
-
cpe:2.3:o:sun:sunos:4.1psr_a
-
cpe:2.3:o:sun:sunos:5.0
-
cpe:2.3:o:sun:sunos:5.1
-
cpe:2.3:o:sun:sunos:5.2
-
cpe:2.3:o:sun:sunos:5.3
-
cpe:2.3:o:sun:sunos:5.4
-
cpe:2.3:o:sun:sunos:5.5
-
cpe:2.3:o:sun:sunos:5.5.1
-
cpe:2.3:o:sun:sunos:5.6
-
cpe:2.3:o:sun:sunos:5.7
-
cpe:2.3:o:sun:sunos:5.8
-
cpe:2.3:o:sun:sunos:5.9