Improper Installation of LPRng 3.6.x Allows Local Users to Append Trace and Logging Messages to Files

Improper Installation of LPRng 3.6.x Allows Local Users to Append Trace and Logging Messages to Files

CVE-2000-0615 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files.

Learn more about our User Device Pen Test.