{"vuid":"VU#466239","idnumber":"466239","name":"IBM AIX line printer daemon contains a buffer overflow in chk_fhost()","keywords":[""],"overview":"The Line Printer daemon (lpd) shipped with AIX  systems contains a buffer overflow in chk_fhost() that potentially allow a malicious remote user to gain root privileges.","clean_desc":"A buffer overflow exists in the chk_fhost() function of the line printer daemon (lpd) on AIX systems. An intruder could exploit this vulnerability to obtain root privileges or cause a denial of service (DoS). The intruder would need control of the DNS server to exploit this vulnerability.","impact":"An intruder could exploit this vulnerability to obtain root privileges, or cause a denial of service (DoS).","resolution":"IBM has released a VULNERABILITY SUMMARY. Please see the vendor statement for patches and instructions.","workarounds":"","sysaffected":"","thanks":"The CERT/CC wishes to thank IBM for their help in identifying and analyzing this vulnerability.","author":"This document was written by Jason Rafail.","public":["http://www.uniras.gov.uk/l1/l2/l3/brief2001/UNIRAS%20Briefing%20-%2016301%20-%20IBM%20%20-%20Buffer%20Overflow%20Vulnerabilities%20in%20lpd.txt","http://archives.neohapsis.com/archives/bugtraq/2001-09/0084.html"],"cveids":["CVE-2001-0671"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-10-02T18:21:06Z","publicdate":"2001-09-11T00:00:00Z","datefirstpublished":"2001-10-16T19:07:06Z","dateupdated":"2002-01-03T19:10:31Z","revision":8,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"20","cam_easeofexploitation":"10","cam_attackeraccessrequired":"7","cam_scorecurrent":"9.84375","cam_scorecurrentwidelyknown":"11.8125","cam_scorecurrentwidelyknownexploited":"19.6875","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":9.84375,"vulnote":null}