CVE-2003-0144
NONE EPSS 77.3%
Published Mar 31, 200323y ago · Modified Jun 16, 20262w ago
Published Mar 31, 2003 23y ago
Last Modified Jun 16, 2026 2w ago
Description
Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name.
Threat Intelligence
EPSS Exploit Probability
77.3% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Affected Products 22
| Vendor | Product | Version | Range |
|---|---|---|---|
| lprold | lprold | 3.0.48 | any |
| bsd | lpr | 0.48 | any |
| bsd | lpr | 2000-05-07 | any |
| freebsd | freebsd | 2.2 | any |
| freebsd | freebsd | 2.2.2 | any |
| freebsd | freebsd | 2.2.3 | any |
| freebsd | freebsd | 2.2.4 | any |
| freebsd | freebsd | 2.2.5 | any |
| freebsd | freebsd | 2.2.6 | any |
| openbsd | openbsd | 2.0 | any |
| openbsd | openbsd | 2.1 | any |
| openbsd | openbsd | 2.2 | any |
| openbsd | openbsd | 2.3 | any |
| openbsd | openbsd | 2.4 | any |
| openbsd | openbsd | 2.5 | any |
| openbsd | openbsd | 2.6 | any |
| openbsd | openbsd | 2.7 | any |
| openbsd | openbsd | 2.8 | any |
| openbsd | openbsd | 2.9 | any |
| openbsd | openbsd | 3.0 | any |
| openbsd | openbsd | 3.1 | any |
| openbsd | openbsd | 3.2 | any |
References 11
- ftp.openbsd.org ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/010_lprm.patch
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20030406-02-P
- marc.info http://marc.info/?l=bugtraq&m=104690434504429&w=2
- marc.info http://marc.info/?l=bugtraq&m=104714441925019&w=2
- secunia.com http://secunia.com/advisories/8293
- debian.org http://www.debian.org/security/2003/dsa-267
- debian.org http://www.debian.org/security/2003/dsa-275
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2003:059
- novell.com http://www.novell.com/linux/security/advisories/2003_014_lprold.html
- securityfocus.com http://www.securityfocus.com/bid/7025
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/11473
Remediation
- securityfocus.com http://www.securityfocus.com/bid/7025