Details of VAR-200107-0079

ID

VAR-200107-0079

CVE

CVE-2001-1177

TITLE

Samsung ML-85G GDI printer driver Override any code vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200107-107

DESCRIPTION

ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. ml85p is a Linux driver for Samsung ML-85G series printers. It may be bundled with distributions of Ghostscript. ml85p does not check for symbolic links when creating image output files. These files are created in /tmp with a guessable naming format, making it trivial for attackers to exploit this vulnerability. Since user-supplied data is written to the target file, attackers may be able to elevate privileges

Trust: 1.26

sources: NVD: CVE-2001-1177 // BID: 3008 // VULHUB: VHN-3982

AFFECTED PRODUCTS

vendor:	samsung	model:	ml-85p printer driver	scope:	eq	version:	1.0	Trust: 1.6
vendor:	samsung	model:	ml-85g gdi printer driver	scope:	eq	version:	*	Trust: 1.0
vendor:	samsung	model:	ml-85g gdi printer driver	scope:	-	version:	-	Trust: 0.6
vendor:	samsung	model:	ml85p printer driver	scope:	eq	version:	1.0	Trust: 0.3

sources: BID: 3008 // CNNVD: CNNVD-200107-107 // NVD: CVE-2001-1177

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2001-1177
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200107-107
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-3982
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2001-1177
severity:	MEDIUM
baseScore:	6.2
vectorString:	AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-3982
severity:	MEDIUM
baseScore:	6.2
vectorString:	AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-3982 // CNNVD: CNNVD-200107-107 // NVD: CVE-2001-1177

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-1177

THREAT TYPE

local

Trust: 0.9

sources: BID: 3008 // CNNVD: CNNVD-200107-107

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200107-107

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-3982

EXTERNAL IDS

db:	BID	id:	3008	Trust: 2.0
db:	NVD	id:	CVE-2001-1177	Trust: 1.7
db:	CNNVD	id:	CNNVD-200107-107	Trust: 0.7
db:	BUGTRAQ	id:	20010717 SAMSUNG ML-85G PRINTER LINUX HELPER/DRIVER BINARY EXPLOIT (MANDRAKE: GHOSTSCRIPT PACKAGE)	Trust: 0.6
db:	XF	id:	6845	Trust: 0.6
db:	EXPLOIT-DB	id:	20999	Trust: 0.1
db:	EXPLOIT-DB	id:	21001	Trust: 0.1
db:	EXPLOIT-DB	id:	21000	Trust: 0.1
db:	SEEBUG	id:	SSVID-74848	Trust: 0.1
db:	SEEBUG	id:	SSVID-74847	Trust: 0.1
db:	SEEBUG	id:	SSVID-74849	Trust: 0.1
db:	VULHUB	id:	VHN-3982	Trust: 0.1

sources: VULHUB: VHN-3982 // BID: 3008 // CNNVD: CNNVD-200107-107 // NVD: CVE-2001-1177

REFERENCES

url:	http://www.securityfocus.com/bid/3008	Trust: 1.7
url:	http://archives.neohapsis.com/archives/bugtraq/2001-07/0284.html	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/6845	Trust: 1.1
url:	http://xforce.iss.net/static/6845.php	Trust: 0.6
url:	http://www.securityfocus.com/archive/82/195962	Trust: 0.3
url:	/archive/1/307608	Trust: 0.3

sources: VULHUB: VHN-3982 // BID: 3008 // CNNVD: CNNVD-200107-107 // NVD: CVE-2001-1177

CREDITS

This vulnerability was discovered by KF <dotslash@snosoft.com> on July 10th, 2001. Additional input has been provided by Charles Stevenson <core@ezlink.com> and <suid@sneakerz.org>. Also discovered independently by Karol Wiesek.

Trust: 0.3

sources: BID: 3008

SOURCES

db:	VULHUB	id:	VHN-3982
db:	BID	id:	3008
db:	CNNVD	id:	CNNVD-200107-107
db:	NVD	id:	CVE-2001-1177

LAST UPDATE DATE

2024-08-14T15:09:59.797000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-3982	date:	2017-10-10T00:00:00
db:	BID	id:	3008	date:	2001-07-10T00:00:00
db:	CNNVD	id:	CNNVD-200107-107	date:	2005-08-17T00:00:00
db:	NVD	id:	CVE-2001-1177	date:	2017-10-10T01:30:01.673

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-3982	date:	2001-07-17T00:00:00
db:	BID	id:	3008	date:	2001-07-10T00:00:00
db:	CNNVD	id:	CNNVD-200107-107	date:	2001-07-17T00:00:00
db:	NVD	id:	CVE-2001-1177	date:	2001-07-17T04:00:00