CVE-2000-1220

Published: Jan 8, 2000Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

Affected (32)

Products: Sgi: Irix · Redhat: Linux

1 product

1 product

Configuration A

24 vulnerable

Vulnerable Software	Affected Versions
Sgi Irix	Version 6.5.10
Sgi Irix	Version 6.5.11
Sgi Irix	Version 6.5.12
Sgi Irix	Version 6.5.13
Sgi Irix	Version 6.5.14f
Sgi Irix	Version 6.5.14m
Sgi Irix	Version 6.5.15f
Sgi Irix	Version 6.5.15m
Sgi Irix	Version 6.5.16f
Sgi Irix	Version 6.5.16m
Sgi Irix	Version 6.5.17f
Sgi Irix	Version 6.5.17m
Sgi Irix	Version 6.5.18f
Sgi Irix	Version 6.5.18m
Sgi Irix	Version 6.5.1
Sgi Irix	Version 6.5.2
Sgi Irix	Version 6.5.3
Sgi Irix	Version 6.5.4
Sgi Irix	Version 6.5.5
Sgi Irix	Version 6.5.6
Sgi Irix	Version 6.5.7
Sgi Irix	Version 6.5.8
Sgi Irix	Version 6.5.9
Sgi Irix	Version 6.5

Configuration B

8 vulnerable

Vulnerable Software	Affected Versions
Redhat Linux	Version 4.0
Redhat Linux	Version 4.1
Redhat Linux	Version 4.2
Redhat Linux	Version 5.0
Redhat Linux	Version 5.1
Redhat Linux	Version 5.2
Redhat Linux	Version 6.0
Redhat Linux	Version 6.1

References (18)

ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P (unsafe URL)

Source: cve@mitre.org

http://seclists.org/lists/bugtraq/2000/Jan/0116.html

Source: cve@mitre.org

http://www.atstake.com/research/advisories/2000/lpd_advisory.txt

Source: cve@mitre.org

http://www.debian.org/security/2000/20000109

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/39001

Source: cve@mitre.org

US Government Resource

http://www.l0pht.com/advisories/lpd_advisory

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2000-002.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/927

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/3841

Source: cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/lists/bugtraq/2000/Jan/0116.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.atstake.com/research/advisories/2000/lpd_advisory.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2000/20000109

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/39001

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.l0pht.com/advisories/lpd_advisory

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2000-002.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/927

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/3841

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.