{"vuid":"VU#388183","idnumber":"388183","name":"IBM AIX line printer daemon contains a buffer overflow in kill_print()","keywords":["ibm","aix","lpd","line printer daemon","kill_print()"],"overview":"The Line Printer daemon (lpd) shipped with AIX  systems contains a buffer overflow in kill_print() that potentially allow a malicious remote user to gain root privileges.","clean_desc":"A buffer overflow exists in the kill_print() function of the line printer daemon (lpd) on AIX systems. An intruder could exploit this vulnerability to obtain root privileges or cause a denial of service (DoS). The intruder would need to be listed in the victim's /etc/hosts.lpd or /etc/hosts.equiv file, however, to exploit this vulnerability.","impact":"An intruder could exploit this vulnerability to obtain root privileges, or cause a denial of service (DoS).","resolution":"IBM has released a VULNERABILITY SUMMARY. Please see the vendor statement for patches and instructions.","workarounds":"","sysaffected":"","thanks":"The CERT/CC wishes to thank IBM for their help in identifying and analyzing this vulnerability.","author":"This document was written by Jason Rafail.","public":["http://www.uniras.gov.uk/l1/l2/l3/brief2001/UNIRAS%20Briefing%20-%2016301%20-%20IBM%20%20-%20Buffer%20Overflow%20Vulnerabilities%20in%20lpd.txt","http://archives.neohapsis.com/archives/bugtraq/2001-09/0084.html"],"cveids":["CVE-2001-0671"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-10-02T18:17:17Z","publicdate":"2001-09-11T00:00:00Z","datefirstpublished":"2001-10-16T19:03:58Z","dateupdated":"2002-01-03T19:09:38Z","revision":12,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"20","cam_easeofexploitation":"10","cam_attackeraccessrequired":"7","cam_scorecurrent":"9.84375","cam_scorecurrentwidelyknown":"11.8125","cam_scorecurrentwidelyknownexploited":"19.6875","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":9.84375,"vulnote":null}