Vulnerability Details : CVE-1999-1102
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
Exploit prediction scoring system (EPSS) score for CVE-1999-1102
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 11 % EPSS Score History EPSS FAQ
CVSS scores for CVE-1999-1102
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:N |
3.9
|
2.9
|
NIST |
References for CVE-1999-1102
-
http://www.aenigma.net/resources/maillist/bugtraq/1994/0091.htm
-
http://ciac.llnl.gov/ciac/bulletins/e-25.shtml
Patch;Vendor Advisory
-
http://www.phreak.org/archives/security/8lgm/8lgm.lpr
Exploit;Vendor Advisory
Products affected by CVE-1999-1102
- cpe:2.3:o:bsd:bsd:4.3:*:*:*:*:*:*:*
- cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*
- cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:a_ux:2.0.1:*:*:*:*:*:*:*