CVE-2000-1221
RedHat 6.1 / IRIX 6.5.18 - 'lpd' Command Execution
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2000-01-08 CVE Published
- 2000-01-11 First Exploit
- 2005-04-21 CVE Reserved
- 2024-03-28 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://www.kb.cert.org/vuls/id/30308 | Third Party Advisory |
|
| http://www.securityfocus.com/bid/927 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/3840 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/19722 | 2000-01-11 |
| URL | Date | SRC |
|---|---|---|
| ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P | 2017-07-11 | |
| http://www.debian.org/security/2000/20000109 | 2017-07-11 |
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2000-002.html | 2017-07-11 | |
| http://www.atstake.com/research/advisories/2000/lpd_advisory.txt | 2017-07-11 | |
| http://www.l0pht.com/advisories/lpd_advisory | 2017-07-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5 Search vendor "Sgi" for product "Irix" and version "6.5" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.1 Search vendor "Sgi" for product "Irix" and version "6.5.1" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.2 Search vendor "Sgi" for product "Irix" and version "6.5.2" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.3 Search vendor "Sgi" for product "Irix" and version "6.5.3" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.4 Search vendor "Sgi" for product "Irix" and version "6.5.4" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.5 Search vendor "Sgi" for product "Irix" and version "6.5.5" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.6 Search vendor "Sgi" for product "Irix" and version "6.5.6" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.7 Search vendor "Sgi" for product "Irix" and version "6.5.7" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.8 Search vendor "Sgi" for product "Irix" and version "6.5.8" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.9 Search vendor "Sgi" for product "Irix" and version "6.5.9" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.10 Search vendor "Sgi" for product "Irix" and version "6.5.10" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.11 Search vendor "Sgi" for product "Irix" and version "6.5.11" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.12 Search vendor "Sgi" for product "Irix" and version "6.5.12" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.13 Search vendor "Sgi" for product "Irix" and version "6.5.13" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.14f Search vendor "Sgi" for product "Irix" and version "6.5.14f" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.14m Search vendor "Sgi" for product "Irix" and version "6.5.14m" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.15f Search vendor "Sgi" for product "Irix" and version "6.5.15f" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.15m Search vendor "Sgi" for product "Irix" and version "6.5.15m" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.16f Search vendor "Sgi" for product "Irix" and version "6.5.16f" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.16m Search vendor "Sgi" for product "Irix" and version "6.5.16m" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.17f Search vendor "Sgi" for product "Irix" and version "6.5.17f" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.17m Search vendor "Sgi" for product "Irix" and version "6.5.17m" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.18f Search vendor "Sgi" for product "Irix" and version "6.5.18f" | - |
Affected
| ||||||
| Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.18m Search vendor "Sgi" for product "Irix" and version "6.5.18m" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 2.1 Search vendor "Debian" for product "Debian Linux" and version "2.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 4.1 Search vendor "Redhat" for product "Linux" and version "4.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 4.2 Search vendor "Redhat" for product "Linux" and version "4.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 5.0 Search vendor "Redhat" for product "Linux" and version "5.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 5.2 Search vendor "Redhat" for product "Linux" and version "5.2" | i386 |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 6.0 Search vendor "Redhat" for product "Linux" and version "6.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 6.1 Search vendor "Redhat" for product "Linux" and version "6.1" | i386 |
Affected
| ||||||