Vulnerability Description
Stack-based buffer overflow in lpd.exe in Mocha W32 LPD 1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted "recieve jobs" request. NOTE: some of these details are obtained from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mochasoft | Mocha W32 Lpd | 1.9 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/39394Vendor Advisory
- http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-023-mo
- http://www.corelan.be:8800/wp-content/forum-file-uploads/mr_me/mochalpd.py_.txt
- http://www.osvdb.org/63902
- http://secunia.com/advisories/39394Vendor Advisory
- http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-023-mo
- http://www.corelan.be:8800/wp-content/forum-file-uploads/mr_me/mochalpd.py_.txt
- http://www.osvdb.org/63902
FAQ
What is CVE-2010-1687?
CVE-2010-1687 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Stack-based buffer overflow in lpd.exe in Mocha W32 LPD 1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted "recieve jobs" request. NOTE...
How severe is CVE-2010-1687?
CVE-2010-1687 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1687?
Check the references section above for vendor advisories and patch information. Affected products include: Mochasoft Mocha W32 Lpd.