Rabox WinLPD Remote Buffer Overflow Vulnerability

Winlpd is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue allows remote attackers to execute arbitrary machine code in the context of the vulnerable application. Since this application listens on TCP port 515, it requires elevated privileges. Successfully exploiting this issue, therefore, likely facilitates the complete compromise of affected computers.

Winlpd version 1.2, build 1076 is vulnerable to this issue; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus