<<< Date Index >>>     <<< Thread Index >>>

Buffer Overflow Vulnerability in Winlpd



Pablo Isola has discovered a vulnerability in Winlpd, which can be exploited by 
malicious people to compromise a vulnerable system. 


The vulnerability is caused due to a boundary error when handling received 
requests. This can be exploited to cause a stack-based buffer overflow by 
passing an overly long string in a request to the service (port 515/tcp).

Successful exploitation allows execution of arbitrary code.


The vulnerability has been confirmed in version 1.26. Other versions may also 
be affected.