CVE-2000-0917

Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.

Score10.0
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE
Published2000-12-19 12:00:00.000-05
Last Modified2017-10-09 09:29:22.000-04

Vulnerable Software List

VendorProductVersions
Caldera Openlinux Ebuilder 3.0
Caldera Openlinux Edesktop 2.4
Caldera Openlinux Eserver 2.3
Caldera Openlinux
Redhat Linux 7.0
Trustix Secure Linux 1.0, 1.1

References

SourceLink
FREEBSDFreeBSD-SA-00:56
BUGTRAQ20000925 Format strings: bug #2: LPRng
CALDERACSSA-2000-033.0
CERTCA-2000-22
REDHATRHSA-2000:065
BID1712
XFlprng-format-string(5287)