|Category:||Gain a shell remotely|
|Title:||LPRng malformed input|
|Summary:||Checks for a vulnerable version of LPRng|
LPRng seems to be running.
This daemon has a flaw (until version 3.6.24 at least) that would
let anyone to remotely execute arbitrary commands on the server.
*** Nessus could not remotely determine with certainty that the
version of LPRng this machine is running is vulnerable or not.
Solution: Make sure that you are running version 3.6.25 or newer
and filter incoming connections to TCP port 515.
Risk factor : High
BugTraq ID: 1712|
Common Vulnerability Exposure (CVE) ID: CVE-2000-0917
Bugtraq: 20000925 Format strings: bug #2: LPRng (Google Search)
Caldera Security Advisory: CSSA-2000-033.0
FreeBSD Security Advisory: FreeBSD-SA-00:56
XForce ISS Database: lprng-format-string
|Copyright||This script is Copyright (C) 2000 Renaud Deraison|
|This is only one of 54701 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.