Details of VAR-199902-0043

ID

VAR-199902-0043

CVE

CVE-1999-0363

TITLE

S.u.S.E. 5.2 lpc Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199902-008

DESCRIPTION

SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. The PLP Line Printer Control program, shipped with S.u.S.E. 5.2 is vulnerable to a local remote buffer overflow. You can determine whether you're vulnerable or not by typing 'lpc'. If you're presented with an lpc version number, you're vulnerable. The consequences of lpc exploitation are root access for a local user

Trust: 1.26

sources: NVD: CVE-1999-0363 // BID: 328 // VULHUB: VHN-363

AFFECTED PRODUCTS

vendor:	suse	model:	linux	scope:	eq	version:	5.2	Trust: 1.3
vendor:	plp	model:	line printer control	scope:	eq	version:	*	Trust: 1.0
vendor:	plp	model:	line printer control	scope:	-	version:	-	Trust: 0.6
vendor:	suse	model:	linux	scope:	ne	version:	5.1	Trust: 0.3
vendor:	suse	model:	linux	scope:	ne	version:	5.0	Trust: 0.3

sources: BID: 328 // CNNVD: CNNVD-199902-008 // NVD: CVE-1999-0363

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-1999-0363
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-199902-008
value:	HIGH
Trust: 0.6
VULHUB:	VHN-363
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-1999-0363
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-363
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-363 // CNNVD: CNNVD-199902-008 // NVD: CVE-1999-0363

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-0363

THREAT TYPE

local

Trust: 0.9

sources: BID: 328 // CNNVD: CNNVD-199902-008

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-199902-008

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-363

EXTERNAL IDS

db:	BID	id:	328	Trust: 2.0
db:	NVD	id:	CVE-1999-0363	Trust: 1.7
db:	CNNVD	id:	CNNVD-199902-008	Trust: 0.7
db:	EXPLOIT-DB	id:	19259	Trust: 0.1
db:	VULHUB	id:	VHN-363	Trust: 0.1

sources: VULHUB: VHN-363 // BID: 328 // CNNVD: CNNVD-199902-008 // NVD: CVE-1999-0363

REFERENCES

url:	http://www.securityfocus.com/bid/328	Trust: 1.7
url:	-	Trust: 0.1

sources: VULHUB: VHN-363 // CNNVD: CNNVD-199902-008 // NVD: CVE-1999-0363

CREDITS

First posted to BugTraq by xnec <xnec@INFERNO.TUSCULUM.EDU> on Feb 3, 1999.

Trust: 0.9

sources: BID: 328 // CNNVD: CNNVD-199902-008

SOURCES

db:	VULHUB	id:	VHN-363
db:	BID	id:	328
db:	CNNVD	id:	CNNVD-199902-008
db:	NVD	id:	CVE-1999-0363

LAST UPDATE DATE

2024-08-14T15:45:54.532000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-363	date:	2008-09-09T00:00:00
db:	BID	id:	328	date:	1999-02-03T00:00:00
db:	CNNVD	id:	CNNVD-199902-008	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-1999-0363	date:	2008-09-09T12:34:25.103

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-363	date:	1999-02-02T00:00:00
db:	BID	id:	328	date:	1999-02-03T00:00:00
db:	CNNVD	id:	CNNVD-199902-008	date:	1999-02-02T00:00:00
db:	NVD	id:	CVE-1999-0363	date:	1999-02-02T05:00:00