WinComLPD LPD Monitoring Server Authentication Bypass

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.

Synopsis :

The remote service is affected by an authentication bypass

Description :

The remote installation of WinComLPD fails to ensure that
authentication to its LPD Monitoring Server has been successful before
processing requests. A remote attacker can leverage this issue to
bypass authentication and gain administrative control of the affected

Note that there are reportedly several other vulnerabilities
associated with this version of WinComLPD, including multiple buffer
overflows, although Nessus has not checked for them.

Solution :

Unknown at this time.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.8
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 30187 ()

Bugtraq ID: 27614

CVE ID: CVE-2008-5158

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now