CVE-2000-1221
CVSS 2.0 Score 10.0 of 10 (high)
Details
Summary
CVE-2000-1221 is a vulnerability affecting the line printer daemon (lpd) in the lpr package of multiple Linux operating systems. Instead of using secure authentication methods, this software compares the reverse-resolved hostname of the local machine with the hostname of the print server. A remote attacker can exploit this flaw by manipulating the DNS records for the attacking IP, enabling them to bypass intended access controls and potentially gain unauthorized access to the system. This issue highlights the importance of secure authentication and proper handling of DNS records to prevent unintended consequences.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- SGI IRAX
- Red Hat Enterprise Linux
- Debian
Affected Vendors
- Red Hat
- Debian
- Saskatchewan Government Insurance