CVE-2000-0880

Sažetak

LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-08/0531.html
http://www.securityfocus.com/bid/1643
https://exchange.xforce.ibmcloud.com/vulnerabilities/5200

CVSS

Base:	3.6
Impact:	4.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:P

Zadnje važnije ažuriranje

19-12-2017 - 02:29

Objavljeno

14-11-2000 - 05:00