SAPlpd < 6.29 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 4388

Synopsis

The remote print service is affected by multiple vulnerabilities.

Description

SAPlpd, a component of SAP GUI, is running on the remote host. According to its version number, the installation of SAPlpd running on the remote host is affected by several denial of service and buffer overflow vulnerabilities. An unauthenticated remote attacker can leverage these issues to crash the affected service or to execute arbitrary code on the affected host subject to the privileges under which it operates.

Solution

Upgrade to version 6.29 or higher by updating to SAP GUI for Windows version 7.10 Patchlevel 6 / 6.30 Patchlevel 30 / 6.20 Patchlevel 72 or higher.

See Also

http://archives.neohapsis.com/archives/bugtraq/2008-02/0030.html

http://archives.neohapsis.com/archives/bugtraq/2008-02/0038.html

http://aluigi.altervista.org/adv/saplpdz-adv.txt

Plugin Details

Severity: Critical

ID: 4388

Family: Generic

Published: 2008/02/20

Modified: 2016/01/19

Nessus ID: 31121

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Metasploit (SAP SAPLPD 6.28 Buffer Overflow)

Reference Information

CVE: CVE-2008-0620, CVE-2008-0621

BID: 27613