Search criteria
9 vulnerabilities found for lprng by astart_technologies
FKIE_CVE-2003-0136
Vulnerability from fkie_nvd - Published: 2003-05-05 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| astart_technologies | lprng | 3.7.4 | |
| astart_technologies | lprng | 3.8.9 | |
| astart_technologies | lprng | 3.8.10.1 | |
| astart_technologies | lprng | 3.8.19 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "932F6771-D5DF-4003-90C8-A1DD2DC7022A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6DBD2EE1-224D-45DB-A4E0-457B3EF08EE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "86341048-62EF-492E-B4F0-7233E13211D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.8.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7D4EBE9A-5F3D-4BDD-BA42-E075667B5AD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file."
},
{
"lang": "es",
"value": "psbanner en el paquete LPRng permite a usuarios locales sobreescribir ficheros mediante un ataque de enlaces simb\u00f3licos en fichero /tmp/before"
}
],
"id": "CVE-2003-0136",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-05-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no\u0026bug=188366"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-285"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-142.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no\u0026bug=188366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-285"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-142.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A423"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-0378
Vulnerability from fkie_nvd - Published: 2002-07-03 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| astart_technologies | lprng | 3.7.4 | |
| astart_technologies | lprng | 3.8.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "932F6771-D5DF-4003-90C8-A1DD2DC7022A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6DBD2EE1-224D-45DB-A4E0-457B3EF08EE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts."
},
{
"lang": "es",
"value": "La configuraci\u00f3n por defecto del gestor de la cola de impresi\u00f3n LPRng en Red Hat Linux 7.0 a la 7.3 acepta trabajos de impresi\u00f3n de sistemas arbitrarios remotos."
}
],
"id": "CVE-2002-0378",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-07-03T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/4205"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9322.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-042.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-089.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/4205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9322.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-042.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-089.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4980"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2000-0615
Vulnerability from fkie_nvd - Published: 2000-07-19 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/1447 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/7361 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1447 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/7361 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| astart_technologies | lprng | 3.6.1 | |
| astart_technologies | lprng | 3.6.2 | |
| astart_technologies | lprng | 3.6.3 | |
| astart_technologies | lprng | 3.6.4 | |
| astart_technologies | lprng | 3.6.5 | |
| astart_technologies | lprng | 3.6.6 | |
| astart_technologies | lprng | 3.6.7 | |
| astart_technologies | lprng | 3.6.8 | |
| astart_technologies | lprng | 3.6.9 | |
| astart_technologies | lprng | 3.6.10 | |
| astart_technologies | lprng | 3.6.11 | |
| astart_technologies | lprng | 3.6.12 | |
| astart_technologies | lprng | 3.6.13 | |
| astart_technologies | lprng | 3.6.14 | |
| astart_technologies | lprng | 3.6.15 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78D19CF2-C520-4856-901D-7D6FF6340971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB4716C2-C1EC-4C11-976B-9162503293B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "16A777F4-896E-4BC8-BC73-784F840D81B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "06C0C5A4-9AC7-4E53-8FC3-5C6A5914DA17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC570FD-4F30-4509-B449-540CDFDFC719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1B045A1F-4566-4DAB-8A1A-86933F85B8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D20FC1D5-4CCA-456B-A152-29F0DA126CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "16DF8D2B-FEF8-47C5-9DAA-8DB92AE4B992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "03E4468F-44BC-47BC-AE2A-082C4D69136D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D03015-E0ED-4BF6-81C9-348A10693A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB2CEF-2520-4B8B-9AEF-69DA08E38AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A4ECCF42-64C9-4D6D-8086-05952DD17847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC3298E-0FB4-49B8-8610-82CF90DAFE7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "14D76156-AC60-4669-8C3D-6CC8E7BE6900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "1D812A04-02FA-4521-9DF3-96A1DB731498",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files."
}
],
"id": "CVE-2000-0615",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-07-19T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1447"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7361"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2003-0136 (GCVE-0-2003-0136)
Vulnerability from cvelistv5 – Published: 2003-04-15 04:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.915Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no\u0026bug=188366"
},
{
"name": "RHSA-2003:142",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-142.html"
},
{
"name": "DSA-285",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-285"
},
{
"name": "oval:org.mitre.oval:def:423",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A423"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no\u0026bug=188366"
},
{
"name": "RHSA-2003:142",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-142.html"
},
{
"name": "DSA-285",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-285"
},
{
"name": "oval:org.mitre.oval:def:423",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A423"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no\u0026bug=188366",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no\u0026bug=188366"
},
{
"name": "RHSA-2003:142",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-142.html"
},
{
"name": "DSA-285",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-285"
},
{
"name": "oval:org.mitre.oval:def:423",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A423"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0136",
"datePublished": "2003-04-15T04:00:00",
"dateReserved": "2003-03-13T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0378 (GCVE-0-2002-0378)
Vulnerability from cvelistv5 – Published: 2002-06-15 04:00 – Updated: 2024-08-08 02:49
VLAI?
Summary
The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2002:089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-089.html"
},
{
"name": "MDKSA-2002:042",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-042.php"
},
{
"name": "4980",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4980"
},
{
"name": "HPSBTL0206-048",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4205"
},
{
"name": "lprng-remote-jobs-dos(9322)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9322.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-08-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2002:089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-089.html"
},
{
"name": "MDKSA-2002:042",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-042.php"
},
{
"name": "4980",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4980"
},
{
"name": "HPSBTL0206-048",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4205"
},
{
"name": "lprng-remote-jobs-dos(9322)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9322.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0378",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2002:089",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-089.html"
},
{
"name": "MDKSA-2002:042",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-042.php"
},
{
"name": "4980",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4980"
},
{
"name": "HPSBTL0206-048",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4205"
},
{
"name": "lprng-remote-jobs-dos(9322)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9322.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0378",
"datePublished": "2002-06-15T04:00:00",
"dateReserved": "2002-05-16T00:00:00",
"dateUpdated": "2024-08-08T02:49:28.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0615 (GCVE-0-2000-0615)
Vulnerability from cvelistv5 – Published: 2002-03-09 05:00 – Updated: 2024-08-08 05:21
VLAI?
Summary
LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "lpd-suid-root(7361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7361"
},
{
"name": "20000709 LPRng lpd should not be SETUID root",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html"
},
{
"name": "1447",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1447"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-22T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "lpd-suid-root(7361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7361"
},
{
"name": "20000709 LPRng lpd should not be SETUID root",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html"
},
{
"name": "1447",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1447"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "lpd-suid-root(7361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7361"
},
{
"name": "20000709 LPRng lpd should not be SETUID root",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html"
},
{
"name": "1447",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1447"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0615",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2000-07-19T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0136 (GCVE-0-2003-0136)
Vulnerability from nvd – Published: 2003-04-15 04:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.915Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no\u0026bug=188366"
},
{
"name": "RHSA-2003:142",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-142.html"
},
{
"name": "DSA-285",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-285"
},
{
"name": "oval:org.mitre.oval:def:423",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A423"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no\u0026bug=188366"
},
{
"name": "RHSA-2003:142",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-142.html"
},
{
"name": "DSA-285",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-285"
},
{
"name": "oval:org.mitre.oval:def:423",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A423"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no\u0026bug=188366",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no\u0026bug=188366"
},
{
"name": "RHSA-2003:142",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-142.html"
},
{
"name": "DSA-285",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-285"
},
{
"name": "oval:org.mitre.oval:def:423",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A423"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0136",
"datePublished": "2003-04-15T04:00:00",
"dateReserved": "2003-03-13T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0378 (GCVE-0-2002-0378)
Vulnerability from nvd – Published: 2002-06-15 04:00 – Updated: 2024-08-08 02:49
VLAI?
Summary
The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2002:089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-089.html"
},
{
"name": "MDKSA-2002:042",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-042.php"
},
{
"name": "4980",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4980"
},
{
"name": "HPSBTL0206-048",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4205"
},
{
"name": "lprng-remote-jobs-dos(9322)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9322.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-08-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2002:089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-089.html"
},
{
"name": "MDKSA-2002:042",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-042.php"
},
{
"name": "4980",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4980"
},
{
"name": "HPSBTL0206-048",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4205"
},
{
"name": "lprng-remote-jobs-dos(9322)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9322.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0378",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2002:089",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-089.html"
},
{
"name": "MDKSA-2002:042",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-042.php"
},
{
"name": "4980",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4980"
},
{
"name": "HPSBTL0206-048",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4205"
},
{
"name": "lprng-remote-jobs-dos(9322)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9322.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0378",
"datePublished": "2002-06-15T04:00:00",
"dateReserved": "2002-05-16T00:00:00",
"dateUpdated": "2024-08-08T02:49:28.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0615 (GCVE-0-2000-0615)
Vulnerability from nvd – Published: 2002-03-09 05:00 – Updated: 2024-08-08 05:21
VLAI?
Summary
LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "lpd-suid-root(7361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7361"
},
{
"name": "20000709 LPRng lpd should not be SETUID root",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html"
},
{
"name": "1447",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1447"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-22T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "lpd-suid-root(7361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7361"
},
{
"name": "20000709 LPRng lpd should not be SETUID root",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html"
},
{
"name": "1447",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1447"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "lpd-suid-root(7361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7361"
},
{
"name": "20000709 LPRng lpd should not be SETUID root",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html"
},
{
"name": "1447",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1447"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0615",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2000-07-19T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}