CVE-2001-0800
published 2001-12-06CVE-2001-0800: lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.
PriorityP349critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
54.12%
98.9th percentile
lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sgi | irix | <= 6.5.13f | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect exploitation attempts by monitoring LPD (port 515/TCP) traffic for lines beginning with 'T;' followed by shell metacharacters or command strings — this is the malicious tagprinter request format used to inject arbitrary commands into lpsched. ↗
- →The exploit targets the in.lpd service (lpsched) on IRIX 6.5.13f and earlier; alert on unexpected process spawning (e.g., shell children) from the lpsched/in.lpd process. ↗
- ·The Metasploit module payload is constrained to 512 bytes and requires a 'cmd' payload type with 'generic telnet' compatibility; payloads exceeding this space or using other types will not function correctly. ↗
- ·The module is described as non-privileged ('Privileged' => false), meaning the resulting command execution context may be limited to the LPD service account rather than root. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Irix LPD tagprinter - Command Execution (Metasploit)
exploitdb·2001-09-01
CVE-2001-0800 Irix LPD tagprinter - Command Execution (Metasploit)
Irix LPD tagprinter - Command Execution (Metasploit)
---
##
# $Id: tagprinter_exec.rb 10561 2010-10-06 00:53:45Z hdm $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Irix LPD tagprinter Command Execution',
'Description' => %q{
This module exploits an arbitrary command execution flaw in
the in.lpd service shipped with all versions of Irix.
},
'Author' => [ 'optyx', 'hdm' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 10561 $',
'References' =>
[
['CVE', '2001-0800'],
['OSVDB', '8573'],
['URL', 'http://www.lsd-pl.net/code/IRIX/irx_lpsc
Metasploit
Irix LPD tagprinter Command Execution
metasploit
Irix LPD tagprinter Command Execution
Irix LPD tagprinter Command Execution
This module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Irix.
No writeups or analysis indexed.
ftp://patches.sgi.com/support/free/security/advisories/20011003-02-Phttp://www.lsd-pl.net/files/get?IRIX/irx_lpsched2http://www.securityfocus.com/bid/27566ftp://patches.sgi.com/support/free/security/advisories/20011003-02-Phttp://www.lsd-pl.net/files/get?IRIX/irx_lpsched2http://www.securityfocus.com/bid/27566
2001-12-06
Published