lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Solaris | Sun | 2.4 | 2.4 |
Solaris | Sun | 2.5 | 2.5 |
Solaris | Sun | 2.5.1 | 2.5.1 |
Solaris | Sun | 2.6 | 2.6 |
Solaris | Sun | 7.0 | 7.0 |
Solaris | Sun | 8.0 | 8.0 |
Sunos | Sun | - | - |
Sunos | Sun | 5.0 | 5.0 |
Sunos | Sun | 5.1 | 5.1 |
Sunos | Sun | 5.2 | 5.2 |
Sunos | Sun | 5.3 | 5.3 |
Sunos | Sun | 5.4 | 5.4 |
Sunos | Sun | 5.5 | 5.5 |
Sunos | Sun | 5.5.1 | 5.5.1 |
Sunos | Sun | 5.7 | 5.7 |
Sunos | Sun | 5.8 | 5.8 |
Sunos | Sun | * | 5.9 |