Arbitrary Local Users Can Start and Stop LPD Services through LPPlus Programs

Arbitrary Local Users Can Start and Stop LPD Services through LPPlus Programs

CVE-2000-0879 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services.

Learn more about our User Device Pen Test.