CVE-2000-0880

LPPlus - Local Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0880. PoCs published by Dixie Flatline.

AI-analyzed exploit summary The exploit demonstrates two vulnerabilities in LPPlus print management system: arbitrary control over print services via setuid binaries and privilege escalation to kill any process by manipulating a world-writable PID file. Both vulnerabilities allow low-privileged users to disrupt system processes.

Description

LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Dixie Flatline · textdosunix
https://www.exploit-db.com/exploits/20192

The exploit demonstrates two vulnerabilities in LPPlus print management system: arbitrary control over print services via setuid binaries and privilege escalation to kill any process by manipulating a world-writable PID file. Both vulnerabilities allow low-privileged users to disrupt system processes.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: LPPlus print management system
No auth needed
Prerequisites: LPPlus installed with default permissions · Access to a user account on the system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1643
Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-08/0531.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5200

Scores

EPSS 0.0075
EPSS Percentile 50.1%

Details

Status published
Products (2)
plus_technologies/lpplus 3.2.2
plus_technologies/lpplus 3.3
Published Nov 14, 2000
Tracked Since Feb 18, 2026