| Vulnerability Name: | CVE-1999-0032 (CCN-409) | ||||||||
| Assigned: | 1996-08-01 | ||||||||
| Published: | 1996-08-01 | ||||||||
| Updated: | 2008-09-09 | ||||||||
| Summary: | Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CCN Type: Caldera International, Inc. Security Advisory SA-1996.05 Vulnerability in lpr Source: CCN Type: SGI Security Advisory 19980402-01-PX lp(1) Security Vulnerabilities Source: SGI Type: UNKNOWN 19980402-01-PX Source: CCN Type: BugTraq Mailing List, Fri, 25 Oct 1996 16:35:57 +0300 Linux & BSD's lpr exploit Source: CCN Type: CIAC Information Bulletin I-042 SGI IRIX lp(1) Security Vulnerability Source: MITRE Type: CNA CVE-1999-0032 Source: MITRE Type: CNA CVE-1999-0335 Source: CCN Type: SuSE Support Database The printer daemon in packet lprold has a security hole Source: CCN Type: CERT Advisory CA-1997-19 lpr Buffer Overrun Vulnerability Source: CIAC Type: UNKNOWN I-042 Source: BID Type: UNKNOWN 707 Source: CCN Type: BID-707 Multiple Vendor lpr Buffer Overrun Vulnerability Source: XF Type: UNKNOWN bsd-lprbo(409) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Vulnerability Name: | CVE-1999-0032 (CCN-446) | ||||||||
| Assigned: | 1996-10-25 | ||||||||
| Published: | 1997-06-01 | ||||||||
| Updated: | 1997-06-01 | ||||||||
| Summary: | Ipr is vulnerable to a buffer overflow. An attacker can overflow a buffer to gain root privileges on the system. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CCN Type: Caldera International, Inc. Security Advisory SA-1996.05 Vulnerability in lpr Source: CCN Type: FreeBSD Security Advisory FreeBSD-SA-96:18 Buffer overflow in lpr (revised) Source: CCN Type: SGI Security Advisory 19980402-01-PX lp(1) Security Vulnerabilities Source: CCN Type: BugTraq Mailing List, Fri, 25 Oct 1996 16:35:57 +0300 Linux & BSD's lpr exploit Source: CCN Type: CIAC Information Bulletin I-042 SGI IRIX lp(1) Security Vulnerability Source: MITRE Type: CNA CVE-1999-0032 Source: CCN Type: AusCERT Advisory AA-96.12 lpr Buffer Overrun Vulnerability Source: CCN Type: CERT Advisory CA-1997-19 lpr Buffer Overrun Vulnerability Source: CCN Type: BID-707 Multiple Vendor lpr Buffer Overrun Vulnerability Source: XF Type: UNKNOWN bsd-lprbo2(446) | ||||||||
| Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||