CVE-2001-1177
published 2001-07-17CVE-2001-1177: ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
PriorityP414medium6.2CVSS 2.0
AVLACHAuNCCICAC
EXPLOIT
EPSS
1.00%
58.4th percentile
ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | ml-85p_printer_driver | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (1)
exploitdb·2001-07-10
CVE-2001-1177 Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (1)
Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (1)
---
// source: https://www.securityfocus.com/bid/3008/info
ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript.
ml85p does not check for symbolic links when creating image output files.
These files are created in /tmp with a guessable naming format, making it trivial for attackers to exploit this vulnerability.
Since user-supplied data is written to the target file, attackers may be able to elevate privileges.
/* ml85p-xpl.c
*
* Quick hack to exploit ml85p
*
* Simply run it with the file you want to create/overwrite
* and the data you wish to place in the file.
*
* Example:
*
* $ gcc -g -Wall ml85p-xpl.c -o ml85p-xpl
* $ ./ml85p-xpl /etc/passwd owned::0
Exploit-DB
Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (3)
exploitdb·2001-07-10
CVE-2001-1177 Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (3)
Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (3)
---
source: https://www.securityfocus.com/bid/3008/info
ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript.
ml85p does not check for symbolic links when creating image output files.
These files are created in /tmp with a guessable naming format, making it trivial for attackers to exploit this vulnerability.
Since user-supplied data is written to the target file, attackers may be able to elevate privileges.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21001.tar.gz
Exploit-DB
Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (2)
exploitdb·2001-07-10
CVE-2001-1177 Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (2)
Samsung ml85p Printer Driver 1.0 - Insecure Temporary File Creation (2)
---
source: https://www.securityfocus.com/bid/3008/info
ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript.
ml85p does not check for symbolic links when creating image output files.
These files are created in /tmp with a guessable naming format, making it trivial for attackers to exploit this vulnerability.
Since user-supplied data is written to the target file, attackers may be able to elevate privileges.
#!/bin/sh
# Exploit using /usr/bin/ml85p default setuid program on
# Mandrake Linux 8.0
#
# You need to be in the sys group to be able to execute
# ml85p.
echo "** ml85p exploit"
# set the required umask
umask 0
# get the number of seconds since 19
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2001-07/0284.htmlhttp://www.securityfocus.com/bid/3008https://exchange.xforce.ibmcloud.com/vulnerabilities/6845http://archives.neohapsis.com/archives/bugtraq/2001-07/0284.htmlhttp://www.securityfocus.com/bid/3008https://exchange.xforce.ibmcloud.com/vulnerabilities/6845
2001-07-17
Published