Solaris in.lpd Crafted Job Request Arbitrary Remote Command Execution

This script is Copyright (C) 2003-2016 Tenable Network Security, Inc.

Synopsis :

The remote lpd daemon is vulnerable to arbitrary command execution.

Description :

The remote lpd daemon is vulnerable to an
environment error that could allow an attacker
to execute arbitrary commands on this host.

Nessus uses this vulnerability to retrieve the
password file of the remote host although any
command could be executed.

See also :

Solution :

None at this time. Disable this service.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 9.5
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 11513 ()

Bugtraq ID: 3274

CVE ID: CVE-2001-1583

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now