Cisco IOS Line Printer Daemon (LPD) Stack Overflow

This script is (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

On October 10 2007, Cisco released a security response for a
vulnerability in the Line Printer Daemon (LPD) in IOS. Exploitation
of this vulnerability could result in arbitrary code execution. This
plugin checks if the appropriate fix for the advisory has been
installed.

See also :

http://www.cisco.com/en/US/products/csr/cisco-sr-20071010-lpd.html

Solution :

Upgrade to IOS version 12.2(18)SXF11, 12.4(16a), 12.4(2)T6 or greater.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 17791 ()

Bugtraq ID: 26001

CVE ID: CVE-2007-5381

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial