Vulnerability Description
The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.
CVSS Score
2.1
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Plus Technologies | Lpplus | 3.2.2 |
References
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0531.htmlVendor Advisory
- http://www.securityfocus.com/bid/1644ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5201
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0531.htmlVendor Advisory
- http://www.securityfocus.com/bid/1644ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5201
FAQ
What is CVE-2000-0881?
CVE-2000-0881 is a vulnerability with a CVSS score of 2.1 (LOW). The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.
How severe is CVE-2000-0881?
CVE-2000-0881 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0881?
Check the references section above for vendor advisories and patch information. Affected products include: Plus Technologies Lpplus.