CVE-2000-0615

LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/1447	Exploit Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7361
http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/1447	Exploit Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7361

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:astart_technologies:lprng:3.6.1:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.2:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.3:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.4:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.5:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.6:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.7:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.8:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.9:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.10:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.11:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.12:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.13:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.14:::::::*
	cpe:2.3:o:astart_technologies:lprng:3.6.15:::::::*

History

No history.

Information

Published : 2000-07-19 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-2000-0615

Mitre link : CVE-2000-0615

CVE.ORG link : CVE-2000-0615

JSON object : View

Products Affected

astart_technologies

lprng

CWE

NVD-CWE-Other

{"id": "CVE-2000-0615", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2000-07-19T04:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/1447", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7361", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/1447", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7361", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78D19CF2-C520-4856-901D-7D6FF6340971"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB4716C2-C1EC-4C11-976B-9162503293B2"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16A777F4-896E-4BC8-BC73-784F840D81B6"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06C0C5A4-9AC7-4E53-8FC3-5C6A5914DA17"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DC570FD-4F30-4509-B449-540CDFDFC719"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B045A1F-4566-4DAB-8A1A-86933F85B8B9"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D20FC1D5-4CCA-456B-A152-29F0DA126CA2"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16DF8D2B-FEF8-47C5-9DAA-8DB92AE4B992"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03E4468F-44BC-47BC-AE2A-082C4D69136D"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9D03015-E0ED-4BF6-81C9-348A10693A34"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36AB2CEF-2520-4B8B-9AEF-69DA08E38AE7"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4ECCF42-64C9-4D6D-8086-05952DD17847"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FC3298E-0FB4-49B8-8610-82CF90DAFE7D"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14D76156-AC60-4669-8C3D-6CC8E7BE6900"}, {"criteria": "cpe:2.3:o:astart_technologies:lprng:3.6.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D812A04-02FA-4521-9DF3-96A1DB731498"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}