SAPlpd < 6.29 Multiple Vulnerabilities

critical Nessus Network Monitor Plugin ID 4388

Synopsis

The remote print service is affected by multiple vulnerabilities.

Description

SAPlpd, a component of SAP GUI, is running on the remote host. According to its version number, the installation of SAPlpd running on the remote host is affected by several denial of service and buffer overflow vulnerabilities. An unauthenticated remote attacker can leverage these issues to crash the affected service or to execute arbitrary code on the affected host subject to the privileges under which it operates.

Solution

Upgrade to version 6.29 or higher by updating to SAP GUI for Windows version 7.10 Patchlevel 6 / 6.30 Patchlevel 30 / 6.20 Patchlevel 72 or higher.

See Also

http://archives.neohapsis.com/archives/bugtraq/2008-02/0030.html

http://archives.neohapsis.com/archives/bugtraq/2008-02/0038.html

http://aluigi.altervista.org/adv/saplpdz-adv.txt

Plugin Details

Severity: Critical

ID: 4388

Family: Generic

Published: 2/20/2008

Updated: 3/6/2019

Nessus ID: 31121

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:sap:saplpd

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Metasploit (SAP SAPLPD 6.28 Buffer Overflow)

Reference Information

CVE: CVE-2008-0620, CVE-2008-0621

BID: 27613