Published: 18/11/2008 Updated: 11/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and previous versions allows remote malicious users to cause a denial of service (crash) via a large string length argument, which triggers memory corruption.

Vulnerable Product	Search on Vulmon	Subscribe to Product
clientsoftware wincome mpd total

## # $Id: wincomlpd_adminrb 9583 2010-06-22 19:11:05Z todb $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class M ...

source: wwwsecurityfocuscom/bid/27614/info WinComLPD Total is prone to multiple vulnerabilities, including buffer-overflow vulnerabilities and an authentication-bypass vulnerability Successfully exploiting these issues will allow an attacker to perform unauthorized actions or execute arbitrary code with the privileges of the user runnin ...

CWE-189 http://aluigi.org/poc/wincomalpd.zip http://secunia.com/advisories/28763 http://aluigi.org/adv/wincomalpd-adv.txt http://www.securityfocus.com/bid/27614 http://securityreason.com/securityalert/4610 http://www.vupen.com/english/advisories/2008/0410 http://www.securityfocus.com/archive/1/487507/100/200/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/16335/

CVE-2008-5159

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect