CVE Vulnerability

CVE-2008-0764

Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port 3114.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://aluigi.altervista.org/adv/lstnpsx-adv.txt
http://www.securityfocus.com/bid/27732 Exploit
http://secunia.com/advisories/28890 Vendor Advisory
http://www.vupen.com/english/advisories/2008/0500
https://exchange.xforce.ibmcloud.com/vulnerabilities/40420
http://www.securityfocus.com/archive/1/487956/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:larson_software_technology:network_print_server:*:build_105:*:*:*:*:*:*
Information

Published : 2008-02-13 09:00

Updated : 2018-10-15 10:02

NVD link : CVE-2008-0764

Mitre link : CVE-2008-0764

Products Affected
No products.
CWE
CWE-134

Use of Externally-Controlled Format String