Solaris in.lpd Transfer Job Routine Remote Buffer Overflow

Critical Nessus Plugin ID 10727


The remote host is affected by a buffer overflow vulnerability.


The remote lpd daemon seems to be vulnerable to a buffer overflow when sent too many 'Receive data file' commands. An attacker may use this flaw to gain root on this host.


If the remote host is running Solaris, apply the relevant patch from Sun.

Plugin Details

Severity: Critical

ID: 10727

File Name: lpd_overflow.nasl

Version: $Revision: 1.38 $

Type: remote

Published: 2001/08/22

Modified: 2017/05/16

Dependencies: 17975

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2001/01/19

Reference Information

CVE: CVE-2001-0353

BID: 2894

OSVDB: 1875

CERT-CC: CA-2001-15