English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 73247 CVE descriptions
and 39337 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.11406
Category:Gain root remotely
Title:Buffer overflow in BSD in.lpd
Summary:Determines if the remote lpd is bsd-lpd
Description:
The remote bsd-lpd daemon might be vulnerable to a
buffer overflow when sent a too long file name
and then asked to show the print queue when the
file is being printed.

An attacker may use this flaw to gain a shell on
this host.

** Because of the conditions to positively check for
** this flaw are very hard to meet, this alert might be
** a false positive.


Affected systems : BSD/OS (up to 4.1), FreeBSD (up to 4.2),
NetBSD (up to 1.5.1), OpenBSD (up to 2.9),
SuSE Linux (up to 7.2), SCO Open Server (5.0.6)

Solution : Make sure you are running the latest version of the BSD line
printer daemon
Risk factor : High
Cross-Ref: BugTraq ID: 3252
Common Vulnerability Exposure (CVE) ID: CVE-2001-0670
ISS Security Advisory: 20010829 Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon
http://xforce.iss.net/alerts/advise94.php
http://www.cert.org/advisories/CA-2001-30.html
OpenBSD Security Advisory: 20010829
http://www.openbsd.com/errata28.html
Caldera Security Advisory: CSSA-2001-SCO.20
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.20.txt
NETBSD Security Advisory: NetBSD-SA2001-018
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc
http://www.redhat.com/support/errata/RHSA-2001-147.html
CERT/CC vulnerability note: VU#274043
http://www.kb.cert.org/vuls/id/274043
XForce ISS Database: bsd-lpd-bo(7046)
http://xforce.iss.net/static/7046.php
http://www.securityfocus.com/bid/3252
Common Vulnerability Exposure (CVE) ID: CVE-1999-0061
NAI Labs Security Advisory: NAI-20
XForce ISS Database: bsd-lpd
CopyrightThis script is Copyright (C) 2003 Renaud Deraison

This is only one of 39337 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.