Strix
26.1K

CVE-2000-1221

UnknownEPSS 16.73%

Last modified

CVE-2000-1221 is a vulnerability of currently unknown severity. The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.. EPSS estimates a 16.73% chance of exploitation in the next 30 days.

Description

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.

Metrics

EPSS Probability
16.73%

96.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
SgiIrix6.5
SgiIrix6.5.1
SgiIrix6.5.2
SgiIrix6.5.3
SgiIrix6.5.4
SgiIrix6.5.5
SgiIrix6.5.6
SgiIrix6.5.7
SgiIrix6.5.8
SgiIrix6.5.9
SgiIrix6.5.10
SgiIrix6.5.11
SgiIrix6.5.12
SgiIrix6.5.13
SgiIrix6.5.14f
SgiIrix6.5.14m
SgiIrix6.5.15f
SgiIrix6.5.15m
SgiIrix6.5.16f
SgiIrix6.5.16m
SgiIrix6.5.17f
SgiIrix6.5.17m
SgiIrix6.5.18f
SgiIrix6.5.18m
DebianDebian Linux2.1
RedhatLinux4.1
RedhatLinux4.2
RedhatLinux5.0
RedhatLinux5.2
RedhatLinux6.0
RedhatLinux6.1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2000-1221?
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
How severe is CVE-2000-1221?
Severity scoring for CVE-2000-1221 is pending analysis. The EPSS model estimates a 16.73% probability of exploitation in the next 30 days.
How do I fix CVE-2000-1221?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2000-1221?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST