NI3
11-06-2003, 11:28 AM
TITLE:
NIPrint Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA10143
CRITICAL:
Moderately critical
IMPACT:
Privilege escalation, System access
WHERE:
From local network
SOFTWARE:
NIPrint 4.x
DESCRIPTION:
A vulnerability has been reported in NIPrint allowing malicious
people to gain system access.
NIPrint fails to verify input properly allowing malicious people to
cause a buffer overflow by sending 60 bytes of data to port 515/tcp.
This could potentially be exploited to execute arbitrary code on the
vulnerable system.
A privilege escalation vulnerability has also been reported. It is
possible for local users to exploit this to gain Local System
privileges.
SOLUTION:
Restrict access to the LPD service so that only trusted addresses can
connect to it. Do not install NIPrint on systems with untrusted
users.
REPORTED BY / CREDITS:
KF, Secure Network Operations
----------------------------------------------------------------------
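One way to check that the SOLUTION above is actually in effect is to audit firewall logs for 515/tcp traffic from addresses outside the trusted set. This is an added example, not part of the original post or the Secunia advisory; the trusted range, the log layout (Windows Firewall style, read from its `#Fields:` header) and the sample lines are constructed assumptions.

```python
import ipaddress

LPD_PORT = 515  # the service port named in the advisory (515/tcp)

# Assumption: the print clients allowed to reach the LPD service.
TRUSTED = [ipaddress.ip_network("192.0.2.0/28")]

# Constructed sample in Windows Firewall log layout (not real traffic).
SAMPLE_LOG = """\
#Version: 1.5
#Fields: date time action protocol src-ip dst-ip src-port dst-port size
2003-11-06 11:20:01 ALLOW TCP 192.0.2.5 192.0.2.10 1044 515 48
2003-11-06 11:21:17 ALLOW TCP 198.51.100.23 192.0.2.10 3310 515 60
2003-11-06 11:21:40 ALLOW TCP 198.51.100.23 192.0.2.10 3311 80 48
2003-11-06 11:22:03 DROP TCP 203.0.113.9 192.0.2.10 4021 515 48
2003-11-06 11:22:09 ALLOW UDP 203.0.113.9 192.0.2.10 4022 515 48
not a log line
"""

def is_trusted(addr, trusted=TRUSTED):
    """True if addr falls inside any allowlisted network."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in trusted)

def untrusted_lpd_connections(log_text, trusted=TRUSTED):
    """Return (timestamp, src-ip, action) for 515/tcp traffic from outside the allowlist."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names for the records that follow
            continue
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split()
        if not fields or len(parts) < len(fields):
            continue  # malformed line, or no header seen yet
        rec = dict(zip(fields, parts))
        try:
            if rec["protocol"].upper() != "TCP" or int(rec["dst-port"]) != LPD_PORT:
                continue
            if is_trusted(rec["src-ip"], trusted):
                continue
        except (KeyError, ValueError):
            continue  # missing column or unparsable port/address
        hits.append((f'{rec["date"]} {rec["time"]}', rec["src-ip"], rec["action"]))
    return hits

if __name__ == "__main__":
    for ts, src, action in untrusted_lpd_connections(SAMPLE_LOG):
        print(f"{ts} {src} -> {LPD_PORT}/tcp {action}")
```

An `ALLOW` entry in the result means the restriction is not in place for that source; a `DROP` entry shows the filter working.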
