CVE-2000-1221

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*

History

20 Nov 2024, 23:34

Type Values Removed Values Added
References () ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P - Patch () ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P - Patch
References () http://rhn.redhat.com/errata/RHSA-2000-002.html - () http://rhn.redhat.com/errata/RHSA-2000-002.html -
References () http://www.atstake.com/research/advisories/2000/lpd_advisory.txt - () http://www.atstake.com/research/advisories/2000/lpd_advisory.txt -
References () http://www.debian.org/security/2000/20000109 - Patch () http://www.debian.org/security/2000/20000109 - Patch
References () http://www.kb.cert.org/vuls/id/30308 - US Government Resource () http://www.kb.cert.org/vuls/id/30308 - US Government Resource
References () http://www.l0pht.com/advisories/lpd_advisory - () http://www.l0pht.com/advisories/lpd_advisory -
References () http://www.securityfocus.com/bid/927 - () http://www.securityfocus.com/bid/927 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/3840 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/3840 -

Information

Published : 2000-01-08 05:00

Updated : 2024-11-20 23:34


NVD link : CVE-2000-1221

Mitre link : CVE-2000-1221

CVE.ORG link : CVE-2000-1221


JSON object : View

Products Affected

sgi

  • irix

redhat

  • linux

debian

  • debian_linux