CVE-2000-0534 - The apsfilter software in the FreeBSD ports package does not properly read user filter configuration

CVE-2000-0534

Summary

The apsfilter software in the FreeBSD ports package does not properly read user filter configurations, which allows local users to execute commands as the lpd user.

References

http://www.osvdb.org/1389
http://www.securityfocus.com/bid/1325
https://exchange.xforce.ibmcloud.com/vulnerabilities/4617

Vulnerable Configurations

cpe:2.3:o:aps_filter_development_team:apsfilter:5.4:*:*:*:*:*:*:*
cpe:2.3:o:aps_filter_development_team:apsfilter:5.4:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 03-05-2018 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	1325
freebsd	FreeBSD-SA-00:22
osvdb	1389
xf	apsfilter-elevate-privileges(4617)

Last major update

03-05-2018 - 01:29

Published

07-06-2000 - 04:00

Last modified

03-05-2018 - 01:29