Search criteria
3 vulnerabilities by clientsoftware
CVE-2008-5176 (GCVE-0-2008-5176)
Vulnerability from cvelistv5 – Published: 2008-11-20 15:00 – Updated: 2024-08-07 10:40
VLAI
Summary
Multiple buffer overflows in Client Software WinCom LPD Total 3.0.2.623 and earlier allow remote attackers to execute arbitrary code via (1) a long 0x02 command to the remote administration service on TCP port 13500 or (2) a long invalid control filename to LPDService.exe on TCP port 515.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://aluigi.org/adv/wincomalpd-adv.txt | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/487507/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2008/0410 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/28763 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/27614 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/4610 | third-party-advisoryx_refsource_SREASON |
| http://aluigi.org/poc/wincomalpd.zip | x_refsource_MISC |
Date Public
2008-02-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/wincomalpd-adv.txt"
},
{
"name": "20080204 Multiple vulnerabilities in WinCom LPD Total 3.0.2.623",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487507/100/200/threaded"
},
{
"name": "ADV-2008-0410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0410"
},
{
"name": "28763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28763"
},
{
"name": "27614",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27614"
},
{
"name": "4610",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4610"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/wincomalpd.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Client Software WinCom LPD Total 3.0.2.623 and earlier allow remote attackers to execute arbitrary code via (1) a long 0x02 command to the remote administration service on TCP port 13500 or (2) a long invalid control filename to LPDService.exe on TCP port 515."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/wincomalpd-adv.txt"
},
{
"name": "20080204 Multiple vulnerabilities in WinCom LPD Total 3.0.2.623",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487507/100/200/threaded"
},
{
"name": "ADV-2008-0410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0410"
},
{
"name": "28763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28763"
},
{
"name": "27614",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27614"
},
{
"name": "4610",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4610"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/wincomalpd.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Client Software WinCom LPD Total 3.0.2.623 and earlier allow remote attackers to execute arbitrary code via (1) a long 0x02 command to the remote administration service on TCP port 13500 or (2) a long invalid control filename to LPDService.exe on TCP port 515."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/wincomalpd-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/wincomalpd-adv.txt"
},
{
"name": "20080204 Multiple vulnerabilities in WinCom LPD Total 3.0.2.623",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487507/100/200/threaded"
},
{
"name": "ADV-2008-0410",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0410"
},
{
"name": "28763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28763"
},
{
"name": "27614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27614"
},
{
"name": "4610",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4610"
},
{
"name": "http://aluigi.org/poc/wincomalpd.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/wincomalpd.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5176",
"datePublished": "2008-11-20T15:00:00.000Z",
"dateReserved": "2008-11-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:40:17.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5158 (GCVE-0-2008-5158)
Vulnerability from cvelistv5 – Published: 2008-11-18 21:00 – Updated: 2024-08-07 10:40
VLAI
Summary
Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to bypass authentication and perform administrative actions via vectors involving "simply skipping the auth stage."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://aluigi.org/adv/wincomalpd-adv.txt | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/487507/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2008/0410 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/28763 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/27614 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/4610 | third-party-advisoryx_refsource_SREASON |
| http://aluigi.org/poc/wincomalpd.zip | x_refsource_MISC |
Date Public
2008-02-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/wincomalpd-adv.txt"
},
{
"name": "20080204 Multiple vulnerabilities in WinCom LPD Total 3.0.2.623",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487507/100/200/threaded"
},
{
"name": "ADV-2008-0410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0410"
},
{
"name": "28763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28763"
},
{
"name": "27614",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27614"
},
{
"name": "4610",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4610"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/wincomalpd.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to bypass authentication and perform administrative actions via vectors involving \"simply skipping the auth stage.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/wincomalpd-adv.txt"
},
{
"name": "20080204 Multiple vulnerabilities in WinCom LPD Total 3.0.2.623",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487507/100/200/threaded"
},
{
"name": "ADV-2008-0410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0410"
},
{
"name": "28763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28763"
},
{
"name": "27614",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27614"
},
{
"name": "4610",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4610"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/wincomalpd.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to bypass authentication and perform administrative actions via vectors involving \"simply skipping the auth stage.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/wincomalpd-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/wincomalpd-adv.txt"
},
{
"name": "20080204 Multiple vulnerabilities in WinCom LPD Total 3.0.2.623",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487507/100/200/threaded"
},
{
"name": "ADV-2008-0410",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0410"
},
{
"name": "28763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28763"
},
{
"name": "27614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27614"
},
{
"name": "4610",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4610"
},
{
"name": "http://aluigi.org/poc/wincomalpd.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/wincomalpd.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5158",
"datePublished": "2008-11-18T21:00:00.000Z",
"dateReserved": "2008-11-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:40:17.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5159 (GCVE-0-2008-5159)
Vulnerability from cvelistv5 – Published: 2008-11-18 21:00 – Updated: 2024-08-07 10:40
VLAI
Summary
Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corruption.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://aluigi.org/adv/wincomalpd-adv.txt | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/487507/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2008/0410 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/28763 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/27614 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/4610 | third-party-advisoryx_refsource_SREASON |
| http://aluigi.org/poc/wincomalpd.zip | x_refsource_MISC |
Date Public
2008-02-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/adv/wincomalpd-adv.txt"
},
{
"name": "20080204 Multiple vulnerabilities in WinCom LPD Total 3.0.2.623",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487507/100/200/threaded"
},
{
"name": "ADV-2008-0410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0410"
},
{
"name": "28763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28763"
},
{
"name": "27614",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27614"
},
{
"name": "4610",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4610"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/wincomalpd.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/adv/wincomalpd-adv.txt"
},
{
"name": "20080204 Multiple vulnerabilities in WinCom LPD Total 3.0.2.623",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487507/100/200/threaded"
},
{
"name": "ADV-2008-0410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0410"
},
{
"name": "28763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28763"
},
{
"name": "27614",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27614"
},
{
"name": "4610",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4610"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/wincomalpd.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5159",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aluigi.org/adv/wincomalpd-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.org/adv/wincomalpd-adv.txt"
},
{
"name": "20080204 Multiple vulnerabilities in WinCom LPD Total 3.0.2.623",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487507/100/200/threaded"
},
{
"name": "ADV-2008-0410",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0410"
},
{
"name": "28763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28763"
},
{
"name": "27614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27614"
},
{
"name": "4610",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4610"
},
{
"name": "http://aluigi.org/poc/wincomalpd.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/wincomalpd.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5159",
"datePublished": "2008-11-18T21:00:00.000Z",
"dateReserved": "2008-11-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:40:17.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}