QwikSec

Security Database

CVE

CWE

Training

CVE-2001-1583

Published: Sep 23, 2007

Modified: Aug 8, 2024

PUBLISHED

Description

lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://metasploit.com/projects/Framework/modules/exploits/solaris_lpd_exec.pm

x_refsource_MISC

vdb-entry

x_refsource_BID

20010831 Solaris LPD Exploit (fwd)

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_OSVDB

solaris-lpd-sendmail-commands(7087)

vdb-entry

x_refsource_XF

20010829 solaris lpd, KARMAPOLICE?

mailing-list

x_refsource_SF-INCIDENTS

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.