7.2

CVE-2003-0144

Exploit

EPSS 0.25%
Veröffentlicht 31.03.2003 05:00:00
Zuletzt bearbeitet 16.04.2026 00:27:16
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 14

NVD 22 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lprold ≫ Lprold Version3.0.48

Bsd ≫ Lpr Version0.48

Bsd ≫ Lpr Version2000-05-07

Freebsd ≫ Freebsd Version2.2

Freebsd ≫ Freebsd Version2.2.2

Freebsd ≫ Freebsd Version2.2.3

Freebsd ≫ Freebsd Version2.2.4

Freebsd ≫ Freebsd Version2.2.5

Freebsd ≫ Freebsd Version2.2.6

Openbsd ≫ Openbsd Version2.0

Openbsd ≫ Openbsd Version2.1

Openbsd ≫ Openbsd Version2.2

Openbsd ≫ Openbsd Version2.3

Openbsd ≫ Openbsd Version2.4

Openbsd ≫ Openbsd Version2.5

Openbsd ≫ Openbsd Version2.6

Openbsd ≫ Openbsd Version2.7

Openbsd ≫ Openbsd Version2.8

Openbsd ≫ Openbsd Version2.9

Openbsd ≫ Openbsd Version3.0

Openbsd ≫ Openbsd Version3.1

Openbsd ≫ Openbsd Version3.2

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.25%	0.454

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/010_lprm.patch

ftp://patches.sgi.com/support/free/security/advisories/20030406-02-P

http://marc.info/?l=bugtraq&m=104690434504429&w=2

http://marc.info/?l=bugtraq&m=104714441925019&w=2

http://secunia.com/advisories/8293

http://www.debian.org/security/2003/dsa-267

http://www.debian.org/security/2003/dsa-275

http://www.mandriva.com/security/advisories?name=MDKSA-2003:059

http://www.novell.com/linux/security/advisories/2003_014_lprold.html

http://www.securityfocus.com/bid/7025

Patch

Vendor Advisory

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/11473

https://nvd.nist.gov/vuln/detail/CVE-2003-0144

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-0144

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-0144

EUVD