LPD.Command.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer-overflow vulnerability in Hummingbird Connectivity LPD printer daemon.
The vulnerability is a stack-based buffer overflow that is a result of the software's failure to do proper bounds checking on user supplied data. This may allow a remote attacker to cause a denial of service and possibly execute arbitrary code on a vulnerable system.
Affected Products
Hummingbird Connectivity 10.0
Hummingbird Connectivity 9.0
Hummingbird Connectivity 7.1
SAP GUI SAPlpd 6.28 and earlier.
Impact
System compromise: execution of arbitrary code in the context of the affected applications.
Recommended Actions
The vendors have released patches that address this issue. Please see the referenced advisory for further information.
For Hummingbird Connectivity 10.0
* Hummingbird lpdw_10001.zip
For Hummingbird Connectivity 9.0
* Hummingbird lpdw_9001.zip
For SAP GUI SAPlpd:
Update at least to
-patch level 6 for version 7
-patch level 30 for version 6.40
-patch level 72 for version 6.20
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |