Unrated severityNVD Advisory· Published Dec 31, 1999· Updated Apr 16, 2026

CVE-1999-1102

Description

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.

Affected products

Apple Inc./A Ux
cpe:2.3:o:apple:a_ux:2.0.1:*:*:*:*:*:*:*
Bsd/Bsd
cpe:2.3:o:bsd:bsd:4.3:*:*:*:*:*:*:*
Sgi/Irix
cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*
Range: <=5.2
Sun Corporation/Sunos
cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*
Range: <=4.1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ciac.llnl.gov/ciac/bulletins/e-25.shtmlnvdPatchVendor Advisory
www.phreak.org/archives/security/8lgm/8lgm.lprnvdExploitVendor Advisory
www.aenigma.net/resources/maillist/bugtraq/1994/0091.htmnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000