SAPlpd < 6.29 Multiple Vulnerabilities

critical Nessus Plugin ID 31121

Synopsis

The remote print service is affected by multiple vulnerabilities.

Description

SAPlpd, a component of SAP GUI, is running on the remote host.

According to its version number, the installation of SAPlpd running on the remote host is affected by several denial of service and buffer overflow vulnerabilities. An unauthenticated, remote attacker can leverage these issues to crash the affected service or to execute arbitrary code on the affected host subject to the privileges under which it operates.

Solution

Upgrade to SAPlpd version 6.29 or later by updating to SAP GUI for Windows version 7.10 Patchlevel 6 / 6.30 Patchlevel 30 / 6.20 Patchlevel 72 or later.

See Also

http://aluigi.altervista.org/adv/saplpdz-adv.txt

https://seclists.org/bugtraq/2008/Feb/27

https://seclists.org/bugtraq/2008/Feb/34

Plugin Details

Severity: Critical

ID: 31121

File Name: saplpd_6_29.nasl

Version: 1.13

Type: remote

Family: Misc.

Published: 2/20/2008

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:sap:saplpd, cpe:/a:sap:sapgui

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Metasploit (SAP SAPLPD 6.28 Buffer Overflow)

Reference Information

CVE: CVE-2008-0620, CVE-2008-0621

BID: 27613

CWE: 119

SECUNIA: 28786