CVE-2001-1022

groff - Remote Code Execution via Format String in pic Utility

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-1022. PoCs published by zen-parse.

AI-analyzed exploit summary: This exploit targets a format string vulnerability in the 'pic' utility (part of groff) via lpd, allowing remote command execution. It crafts a malicious print job to trigger arbitrary command execution on vulnerable systems.

Description

Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command.

Exploits (1)

exploitdb WORKING POC VERIFIED
by zen-parse · c · remote · linux
https://www.exploit-db.com/exploits/21037

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: groff (pic utility) in Red Hat Linux 7.0 (groff-1.16-7)
No auth needed
Prerequisites: Network access to lpd (port 515) · Vulnerable version of groff/pic · Netcat (nc) installed on attacker's machine
devstral-2 · analyzed Feb 16, 2026

References (8)

Core References
Vendor Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000428
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-107
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6918
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3103
Patch, Vendor Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2001/dsa-072
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/1914
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2002-004.html
Patch mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/199706

Scores

EPSS 0.1144
EPSS Percentile 95.5%

Details

Status published
Products (7)
gnu/groff 1.10
gnu/groff 1.11
gnu/groff 1.11a
gnu/groff 1.14
gnu/groff 1.15
gnu/groff 1.16.1
jgroff/jgroff
Published Jul 26, 2001
Tracked Since Feb 18, 2026