Buffer Overflow Vulnerability in Winlpd

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Buffer Overflow Vulnerability in Winlpd
From: Meftun@xxxxxxxxxxxxx
Date: 27 Jul 2006 11:02:29 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Pablo Isola has discovered a vulnerability in Winlpd, which can be exploited by 
malicious people to compromise a vulnerable system. 


The vulnerability is caused due to a boundary error when handling received 
requests. This can be exploited to cause a stack-based buffer overflow by 
passing an overly long string in a request to the service (port 515/tcp).

Successful exploitation allows execution of arbitrary code.


The vulnerability has been confirmed in version 1.26. Other versions may also 
be affected.

Prev by Date: Cross-Site Scripting and Local File Inclusion in Phorum
Next by Date: Re: Low security hole affecting IPCalc's CGI wrapper
Previous by thread: Cross-Site Scripting and Local File Inclusion in Phorum
Next by thread: [USN-324-1] freetype vulnerability
Index(es):
- Date
- Thread