CVE-2000-1221

CVSS 2.0 Score 10.0 of 10 (high)

Details

Published Jan 8, 2000
Updated: Jul 11, 2017

Summary

CVE-2000-1221 is a vulnerability affecting the line printer daemon (lpd) in the lpr package of multiple Linux operating systems. Instead of using secure authentication methods, this software compares the reverse-resolved hostname of the local machine with the hostname of the print server. A remote attacker can exploit this flaw by manipulating the DNS records for the attacking IP, enabling them to bypass intended access controls and potentially gain unauthorized access to the system. This issue highlights the importance of secure authentication and proper handling of DNS records to prevent unintended consequences.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SGI IRAX
  • Red Hat Enterprise Linux
  • Debian

Affected Vendors

  • Red Hat
  • Debian
  • Saskatchewan Government Insurance