CVE-2001-1177

Samsung ML-85G GDI <0.2.0 - Local Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2001-1177. PoCs published by ml85p, Charles Stevenson.

AI-analyzed exploit summary The vulnerability in ml85p, a Linux driver for Samsung ML-85G printers, allows privilege escalation due to insecure handling of symbolic links in /tmp with predictable filenames. Attackers can exploit this to overwrite arbitrary files with user-supplied data.

Description

ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Exploits (3)

exploitdb WRITEUP VERIFIED

by ml85p · textlocalhardware

https://www.exploit-db.com/exploits/21001

View Code ZIP pw:eip

The vulnerability in ml85p, a Linux driver for Samsung ML-85G printers, allows privilege escalation due to insecure handling of symbolic links in /tmp with predictable filenames. Attackers can exploit this to overwrite arbitrary files with user-supplied data.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: ml85p (Samsung ML-85G printer driver)

No auth needed

Prerequisites: Access to the target system · Ability to create symbolic links in /tmp

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by ml85p · bashlocalhardware

https://www.exploit-db.com/exploits/21000

View Code ZIP pw:eip

This exploit leverages a symbolic link vulnerability in the setuid program ml85p to overwrite /etc/ld.so.preload, enabling privilege escalation by preloading a malicious shared library that overrides getuid() to return 0.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: ml85p (Samsung ML-85G printer driver) on Mandrake Linux 8.0

No auth needed

Prerequisites: ml85p must be setuid and executable · Attacker must be in the 'sys' group · /etc/ld.so.preload must not exist or be writable

MITRE ATT&CK

T1548.001 - Setuid and Setgid T1574.006 - Dynamic Linker Hijacking

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Charles Stevenson · clocalhardware

https://www.exploit-db.com/exploits/20999

View Code ZIP pw:eip

This exploit leverages a symbolic link vulnerability in the ml85p Linux printer driver to overwrite arbitrary files, potentially leading to privilege escalation. It creates multiple symlinks in /tmp with predictable names and triggers the vulnerable driver to write user-supplied data to the target file.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: ml85p (Samsung ML-85G printer driver)

No auth needed

Prerequisites: ml85p driver installed · ability to execute commands on the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1222 - File and Directory Permissions Modification

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/3008

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/6845

Patch, Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2001-07/0284.html

Scores

EPSS 0.0100

EPSS Percentile 58.3%

Details

Status published

Products (2)

samsung/ml-85g_gdi_printer_driver

samsung/ml-85p_printer_driver 1.0

Published Jul 17, 2001

Tracked Since Feb 18, 2026