Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0787 — Redhat Linux vulnerability

6 documents6 sources
Severity
4.6MEDIUMNVD
EPSS
0.3%
top 47.39%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Redhat Linux
Timeline
PublishedOct 18
Latest updateApr 30

Description

LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

â–¶NVDredhat/linux7.0, 7.1+1

🔴Vulnerability Details

2
GHSA
GHSA-8cwj-qxjh-6vq7: LPRng in Red Hat Linux 7↗2022-04-30
â–¶
CVEList
CVE-2001-0787: LPRng in Red Hat Linux 7↗2002-03-09
â–¶

💥Exploits & PoCs

1
Exploit-DB
LPRng 3.6.x - Failure To Drop Supplementary Groups↗2001-06-07
â–¶

📋Vendor Advisories

1
Red Hat
security flaw↗2001-06-12
â–¶

💬Community

1
Bugzilla
CVE-2001-0787 security flaw↗2018-08-16
â–¶
CVE-2001-0787 — Redhat Linux vulnerability | cvebase