Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0369

4 documents4 sources

Severity

7.2HIGH

EPSS

0.3%

top 50.87%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Digital Unix

Timeline

PublishedJun 27

Latest updateApr 30

Description

Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name).

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDdigital/unixmu02, r4.20mu06+1

🔴Vulnerability Details

GHSA

GHSA-c947-r3rw-whg9: Buffer overflow in lpsched on DGUX version R4↗2022-04-30

▶

CVEList

CVE-2001-0369: Buffer overflow in lpsched on DGUX version R4↗2001-05-24

▶

💥Exploits & PoCs

Exploit-DB

DG/UX 4.20 lpsched - 'Error Message' Local Buffer Overflow↗2001-03-19

▶