CVE-2001-0670 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2001-0670?

CVE-2001-0670 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2001-0670?

Check the references section above for vendor advisories and patch information. Affected products include: Bsd Bsd, Freebsd Freebsd, Netbsd Netbsd, Openbsd Openbsd.

Vulnerability Description

Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Bsd	Bsd	<= 4.1
Freebsd	Freebsd	<= 4.3
Netbsd	Netbsd	<= 1.5.1
Openbsd	Openbsd	All versions

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.2Patch
http://www.cert.org/advisories/CA-2001-30.htmlUS Government Resource
http://www.kb.cert.org/vuls/id/274043US Government Resource
http://www.openbsd.com/errata28.htmlPatch
http://www.redhat.com/support/errata/RHSA-2001-147.html
http://www.securityfocus.com/bid/3252
http://xforce.iss.net/alerts/advise94.phpPatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7046
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.2Patch
http://www.cert.org/advisories/CA-2001-30.htmlUS Government Resource
http://www.kb.cert.org/vuls/id/274043US Government Resource
http://www.openbsd.com/errata28.htmlPatch
http://www.redhat.com/support/errata/RHSA-2001-147.html

FAQ

What is CVE-2001-0670?

CVE-2001-0670 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to...

How severe is CVE-2001-0670?

CVE-2001-0670 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2001-0670?

Check the references section above for vendor advisories and patch information. Affected products include: Bsd Bsd, Freebsd Freebsd, Netbsd Netbsd, Openbsd Openbsd.