CVE-1999-0032
Current Description
Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.
Basic Data
Published | October 25, 1996 |
Last Modified | September 09, 2008 |
Assigner | cve@mitre.org |
Data Type | CVE |
Data Format | MITRE |
Data Version | 4.0 |
Problem Type | NVD-CWE-Other |
CVE Data Version | 4.0 |
Base Metric V2
CVSS 2 - Version | 2.0 |
CVSS 2 - Vector String | AV:L/AC:L/Au:N/C:C/I:C/A:C |
CVSS 2 - Access Vector | LOCAL |
CVSS 2 - Access Complexity | LOW |
CVSS 2 - Authentication | NONE |
CVSS 2 - Confidentiality Impact | COMPLETE |
CVSS 2 - Availability Impact | COMPLETE |
CVSS 2 - Base Score | 7.2 |
Severity | HIGH |
Exploitability Score | 3.9 |
Impact Score | 10.0 |
Obtain All Privilege | true |
Obtain User Privilege | false |
Obtain Other Privilege | false |
Base Metric V3
No data provided.
Configurations
-
OR - Configuration 1
Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
2.3 | OS | Sgi | Irix | 5.0 | * | * | * | * | * | * | * | |