CVE-2001-0787

Red Hat Linux 7.0 and 7.1 - Local Privilege Escalation via LPRng Supplemental Group Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0787. PoCs published by zen-parse.

AI-analyzed exploit summary This exploit targets a race condition in LPRng's temporary file handling in the dvi print filter, allowing an attacker to modify the lp configuration file. The configuration file is sourced by the master print filter, enabling command injection with lp:lp privileges.

Description

LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED
by zen-parse · clocalunix
https://www.exploit-db.com/exploits/20923

This exploit targets a race condition in LPRng's temporary file handling in the dvi print filter, allowing an attacker to modify the lp configuration file. The configuration file is sourced by the master print filter, enabling command injection with lp:lp privileges.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: LPRng 3.7.4-23 and earlier, tetex-1.0.7-7 and earlier
No auth needed
Prerequisites: Access to the system to execute the exploit · Presence of vulnerable LPRng and tetex versions · Ability to create files in /tmp
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2865
Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac
http://www.ciac.org/ciac/bulletins/l-096.shtml
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2001-077.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6703

Scores

EPSS 0.0072
EPSS Percentile 48.9%

Details

Status published
Products (2)
redhat/linux 7.0
redhat/linux 7.1
Published Oct 18, 2001
Tracked Since Feb 18, 2026