7.2

CVE-2003-0144

Exploit

EPSS 0.25%
Veröffentlicht 31.03.2003 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 14

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lprold ≫ Lprold Version3.0.48

Bsd ≫ Lpr Version0.48

Bsd ≫ Lpr Version2000-05-07

Freebsd ≫ Freebsd Version2.2

Freebsd ≫ Freebsd Version2.2.2

Freebsd ≫ Freebsd Version2.2.3

Freebsd ≫ Freebsd Version2.2.4

Freebsd ≫ Freebsd Version2.2.5

Freebsd ≫ Freebsd Version2.2.6

Openbsd ≫ Openbsd Version2.0

Openbsd ≫ Openbsd Version2.1

Openbsd ≫ Openbsd Version2.2

Openbsd ≫ Openbsd Version2.3

Openbsd ≫ Openbsd Version2.4

Openbsd ≫ Openbsd Version2.5

Openbsd ≫ Openbsd Version2.6

Openbsd ≫ Openbsd Version2.7

Openbsd ≫ Openbsd Version2.8

Openbsd ≫ Openbsd Version2.9

Openbsd ≫ Openbsd Version3.0

Openbsd ≫ Openbsd Version3.1

Openbsd ≫ Openbsd Version3.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.25%	0.454

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/010_lprm.patch

ftp://patches.sgi.com/support/free/security/advisories/20030406-02-P

http://marc.info/?l=bugtraq&m=104690434504429&w=2

http://marc.info/?l=bugtraq&m=104714441925019&w=2

http://secunia.com/advisories/8293

http://www.debian.org/security/2003/dsa-267

http://www.debian.org/security/2003/dsa-275

http://www.mandriva.com/security/advisories?name=MDKSA-2003:059

http://www.novell.com/linux/security/advisories/2003_014_lprold.html

http://www.securityfocus.com/bid/7025

Patch

Vendor Advisory

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/11473

https://nvd.nist.gov/vuln/detail/CVE-2003-0144

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-0144

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-0144

EUVD