Vulnerability Description
Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port 3114.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Larson Software Technology | Network Print Server | <= 9.4.2 |
Related Weaknesses (CWE)
References
- http://aluigi.altervista.org/adv/lstnpsx-adv.txt
- http://secunia.com/advisories/28890Vendor Advisory
- http://www.securityfocus.com/archive/1/487956/100/0/threaded
- http://www.securityfocus.com/bid/27732Exploit
- http://www.vupen.com/english/advisories/2008/0500
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40420
- http://aluigi.altervista.org/adv/lstnpsx-adv.txt
- http://secunia.com/advisories/28890Vendor Advisory
- http://www.securityfocus.com/archive/1/487956/100/0/threaded
- http://www.securityfocus.com/bid/27732Exploit
- http://www.vupen.com/english/advisories/2008/0500
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40420
FAQ
What is CVE-2008-0764?
CVE-2008-0764 is a vulnerability with a CVSS score of 10.0 (HIGH). Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format st...
How severe is CVE-2008-0764?
CVE-2008-0764 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0764?
Check the references section above for vendor advisories and patch information. Affected products include: Larson Software Technology Network Print Server.