NIPrint LPD-LPR Print Server (Long Request)

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Home
Ask the Team
Mailing Lists
Advertising Info
Advisories
About SecuriTeam
Blogs

Brought to you by:

Suppliers of:

SecuriTeam in Your Inbox

New vulnerability?
New tool?
Tell us
(Our PGP key).

Confidence 2013

5% Off any SANS course
Use Code: SecuriTeam_5

Hack In Paris

La Nuit du Hack

Subjects of Interest:
Vulnerability Management
SQL Injection
Buffer Overflows
Active Network Scanning
Fuzzing
Fuzzer Report
Network Security
Network Scanner
Pen Testing
Security Scanner

NIPRint is the market leader in high performance print servers based on Windows sockets. NIPrint employs both LPD and LPR to transfer print jobs to and from remote UNIX hosts.

Secure Network Operations have discovered a simple buffer overflow by sending 53 bytes of garbage to the printer (515) port.

Credit:
The original advisory can be downloaded from: http://www.secnetops.com/research/advisories/SRT2003-11-02-0115.pdf.
The information has been provided by KF.

Free Website Security Scan	Free Fuzzer Report	Vulnerability Assessment
Detect web app vulnerabilities	University study comparing the top	Accurate and automated scanning
Get guidance from professionals.	6 commercially availble fuzzers.	for networks of any size.

Protect your website!
Free Trial, Nothing to install.
No interruption of visitors.
www.beyondsecurity.com/vulnerability-scanner

Vulnerable systems:
* NIPrint LPD-LPR Print Server version 4.10 and prior

Vendor status:
The vendor has been informed. No details regarding a possible fix are available.

blog comments powered by Disqus

	Microsoft Windows USB Driver Memory Object Handling Local Privilege (2013-1287) Vulnerability
	Microsoft IE SaveHistory Onload Event Handling Use-After-Free Arbitrary Code Execution Vulnerability
	Microsoft IE CMarkupBehaviorContext Use-After-Free Arbitrary Code Execution Vulnerability
	Microsoft SharePoint XSS Vulnerability
	Microsoft IE OnBeforeCopy Use-After-Free Arbitrary Code Execution Vulnerability
	Microsoft Windows USB Driver Memory Object Handling Local Privilege Escalation Vulnerability
	Microsoft OneNote Buffer Size Validation ONE File Handling Information Disclosure Vulnerability
	Microsoft IE GetMarkupPtr execCommand Print Event Handling Use-after-free Execution Vulnerability
	Microsoft SharePoint Remote Overflow DoS Vulnerability
	Microsoft IE CTreeNode Use-After-Free Arbitrary Code Execution Vulnerability
	Microsoft Windows USB Driver Memory Object Handling Local Privilege (2013-1286) Vulnerability
	Microsoft IE CTreeNode Use-After-Free Use-After-Free Arbitrary Execution Vulnerability
	Microsoft IE Proxy Server TCP Session Re-Use Cross-User Information Disclosure Weakness Vulnerability
	Microsoft IE Shift JIS Character Encoding Information Disclosure Vulnerability
	Microsoft IE SetCapture Use-after-free Arbitrary Code Execution Vulnerability
	Microsoft IE Vector Markup Language (VML) Buffer Allocation Memory Corruption Vulnerability
	Microsoft Windows Kernel Memory Object Handling Local Privilege Escalation Vulnerability
	Microsoft System Center Operations Web Console XSS Vulnerability
	Microsoft Lync User-Agent Header Handling Remote Arbitrary Command Execution Vulnerability
	Microsoft System Center Operations Manager Web Console XSS Vulnerability

Featured Articles

	Microsoft Windows USB Driver Memory Object Handling Local Privilege (2013-1287) Vulnerability
	Microsoft Windows USB Driver Memory Object Handling Local Privilege Escalation Vulnerability
	Microsoft Windows Kernel Memory Object Handling Local Privilege Escalation Vulnerability
	Microsoft Windows SSL/TSL Forced Downgrade MitM Weakness
	Microsoft Windows Memory Object Handling Local Memory Privilege Escalation Vulnerability
	Microsoft Windows Privilege Escalation Vulnerability
	Microsoft .NET Framework Serialization Remote Code Execution Vulnerability
	Microsoft Visio Viewer VSD File Format Remote Code Execution Vulnerability
	Microsoft .NET Framework Input Serialization CVE-2012-0160 Remote Code Execution Vulnerability
	Microsoft .NET Framework ASP.NET Forms Authentication Bypass Vulnerability
	'TrendMicro Control Manager CASProcessor.exe BLOB Code Execution Vulnerability'
	'HP iNode Management Center iNodeMngChecker.exe Code Execution Vulnerability'
	'HP Data Protector Backup Client Service EXEC_SCRIPT Code Execution Vulnerability'
	'Microsoft Internet Explorer Property Change Memory Corruption Vulnerability'
	'Microsoft Office PowerPoint PersistDirectoryEntry Code Execution Vulnerability'
	'CA Total Defense Suite Heartbeat Web Service Code Execution Vulnerability'
	'HP Web Jetadmin Unauthorized Access to Managed Resources Vulnerability'
	'Novell Zenworks Handheld Management ZfHIPCnd.exe Opcode 2 Code Execution Vulnerability'
	'Microsoft Windows Shell Graphics biCompression Buffer Overflow Vulnerability'
	'Microsoft Office PICT Filter Integer Truncation Vulnerability'

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs