Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0144 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Lprold

7 documents6 sources

Severity

7.2HIGHNVD

EPSS

0.3%

top 51.75%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

BSD LPR Debian LPR Freebsd +2 more

Timeline

PublishedMar 31

Latest updateMay 3

Description

Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages5 packages

▶NVDlprold/lprold3.0.48

▶NVDopenbsd/openbsd13 versions+12

▶debiandebian/lpr< lpr 1:2000.05.07-4.20 (bookworm)

▶Debianbsd/lpr< 1:2000.05.07-4.20+3

▶NVDbsd/lpr0.48, 2000-05-07+1

Also affects: Freebsd 2.2, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-45pq-qjc7-hf9c: Buffer overflow in the lprm command in the lprold lpr package on SuSE 7↗2022-05-03

▶

OSV

CVE-2003-0144: Buffer overflow in the lprm command in the lprold lpr package on SuSE 7↗2003-03-31

▶

💥Exploits & PoCs

Exploit-DB

BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (1)↗1998-04-22

▶

Exploit-DB

BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2)↗1998-04-22

▶

📋Vendor Advisories

Debian

CVE-2003-0144: lpr - Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 throug...↗2003

▶