CVE-2000-1220
published 2000-01-08CVE-2000-1220: The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute…
critical10CVSS 3.1
AVNACLAuNCCICAC
EXPLOIT
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | lpr | < lpr 1:0.48-1 (bookworm) | lpr 1:0.48-1 (bookworm) |
| redhat | linux | — | — |
| redhat | linux | — | — |
| redhat | linux | — | — |
| redhat | linux | — | — |
| redhat | linux | — | — |
| redhat | linux | — | — |
| redhat | linux | — | — |
| redhat | linux | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL