CVE-2001-0787

Name of the Vulnerable Software and Affected Versions LPRng versions 3.7.4 through 3.8.9 Red Hat Linux versions 7.0 through 7.1

Description The issue affects the LPRng package in Red Hat Linux, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Exploitation can be carried out remotely. A local user could elevate privileges due to the failure of LPRng to properly drop memberships in supplemental groups when lowering privileges.

Recommendations For LPRng versions 3.7.4 through 3.8.9, consider restricting access to the LPRng service until a patch is available. For Red Hat Linux versions 7.0 and 7.1, apply configuration changes to properly handle supplemental group memberships when lowering privileges. At the moment, there is no information about a newer version that contains a fix for this vulnerability.