Test ID:	1.3.6.1.4.1.25623.1.0.10522
Category:	Gain a shell remotely
Title:	LPRng malformed input
Summary:	NOSUMMARY
Description:	Description: LPRng seems to be running. This daemon has a flaw (until version 3.6.24 at least) that would let anyone to remotely execute arbitrary commands on the server. *** Nessus could not remotely determine with certainty that the version of LPRng this machine is running is vulnerable or not. Solution: Make sure that you are running version 3.6.25 or newer and filter incoming connections to TCP port 515. Risk factor : High
Cross-Ref:	BugTraq ID: 1712 Common Vulnerability Exposure (CVE) ID: CVE-2000-0917 http://www.securityfocus.com/bid/1712 Bugtraq: 20000925 Format strings: bug #2: LPRng (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html Caldera Security Advisory: CSSA-2000-033.0 http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt http://www.cert.org/advisories/CA-2000-22.html FreeBSD Security Advisory: FreeBSD-SA-00:56 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc http://www.redhat.com/support/errata/RHSA-2000-065.html XForce ISS Database: lprng-format-string(5287) https://exchange.xforce.ibmcloud.com/vulnerabilities/5287
Copyright	This script is Copyright (C) 2000 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.