Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0756

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-0756
Last Modified 07 Mar 2011 10:05:24
Published 13 Feb 2008 03:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0756

Summary

The LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; allows remote attackers to cause a denial of service (daemon crash) via a connection that begins with (1) a "Send queue state" LPD command 3 or (2) a "Send queue state" LPD command 4.

Vulnerable Systems

Application

  • Cyan Soft Cyanprintip Basic 4.10.1030

  • Cyan Soft Cyanprintip Easy Opi 4.10.1030

  • Cyan Soft Cyanprintip Professional 4.10.1030

  • Cyan Soft Cyanprintip Standard 4.10.940

  • Cyan Soft Cyanprintip Workstation 4.10.836

  • Cyan Soft Opium4 Opi Server 4.10.1028


References

VUPEN - ADV-2008-0498

BID - 27734

BID - 27728

SECUNIA - 28870

MISC - http://aluigi.altervista.org/adv/cyanuro-adv.txt

BUGTRAQ - 20080211 Format string and DoS in Opium OPI and cyanPrintIP servers 4.10.x


Last Updated: 27 May 2016 10:46:55