lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: dotslash at snosoft.com (dotslash@...soft.com)
Subject: SRT2003-11-02-0115 - NIPrint LPD-LPR Remote overflow

We are currently evaluating .pdf based advisory release... please let us 
know if you have any issues with the pdf listed below.

Full details on this issue can be found at:
http://www.secnetops.com/research/advisories/SRT2003-11-02-0115.pdf

-KF


-------------- next part --------------
Secure Network Operations, Inc.             http://www.secnetops.com/research
Strategic Reconnaissance Team               research@...netops.com
Team Lead Contact                           kf@...netops.com


Our Mission:
************************************************************************
Secure Network Operations offers expertise in Networking, Intrusion 
Detection Systems (IDS), Software Security Validation, and 
Corporate/Private Network Security. Our mission is to facilitate a 
secure and reliable Internet and inter-enterprise communications 
infrastructure through the products and services we offer. 

To learn more about our company, products and services or to request a demo
of ANVIL FCS please visit our site at http://www.secnetops.com, or call us
at: 978-263-3829


Quick Summary:
************************************************************************
Advisory Number         : SRT2003-11-02-0115
Product                 : NIPrint LPD-LPR Print Server
Version                 : <= 4.10
Vendor                  : http://www.networkinstruments.com/
Class                   : Remote
Criticality             : High (to NIPrint users)
Operating System(s)     : Win32


Notice
************************************************************************
The full technical details of this vulnerability can be found at:
http://www.secnetops.com under the research section. 


Basic Explanation
************************************************************************
High Level Description  : NIPrint contains a remote buffer overflow
What to do              : Disable NIPrint until vendor patch is available. 


Basic Technical Details
************************************************************************
Proof Of Concept Status : SNO has working Poc code.

Low Level Description   : NIPrint suffers from a classic buffer overflow 
condition. Sending 60 bytes to the printer port (515) will cause an 
exploitable overflow in the NIPrint daemon. See our research page at 
http://www.secnetops.biz/research for further details. 


Vendor Status           : Vendor was contacted via email. The issue was 
confirmed however no further communication occured. We reccomend that you 
disable NIPrint until a vendor patch is available.

Bugtraq URL             : to be assigned

Disclaimer
------------------------------------------------------------------------
This advisory was released by Secure Network Operations,Inc. as a matter
of notification to help administrators protect their networks against
the described vulnerability. Exploit source code is no longer released
in our advisories but can be obtained under contract.. Contact our sales 
department at sales@...netops.com for further information on how to 
obtain proof of concept code.


------------------------------------------------------------------------
Secure Network Operations, Inc. || http://www.secnetops.com
"Embracing the future of technology, protecting you."


 

Powered by blists - more mailing lists