SAPlpd < 6.29 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 4388


The remote print service is affected by multiple vulnerabilities.


SAPlpd, a component of SAP GUI, is running on the remote host. According to its version number, the installation of SAPlpd running on the remote host is affected by several denial of service and buffer overflow vulnerabilities. An unauthenticated remote attacker can leverage these issues to crash the affected service or to execute arbitrary code on the affected host subject to the privileges under which it operates.


Upgrade to version 6.29 or higher by updating to SAP GUI for Windows version 7.10 Patchlevel 6 / 6.30 Patchlevel 30 / 6.20 Patchlevel 72 or higher.

See Also

Plugin Details

Severity: Critical

ID: 4388

Family: Generic

Published: 2008/02/20

Modified: 2016/01/19

Nessus ID: 31121

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 9.8

Temporal Score: 9.1


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Metasploit (SAP SAPLPD 6.28 Buffer Overflow)

Reference Information

CVE: CVE-2008-0620, CVE-2008-0621

BID: 27613