VIGILANTE-2000013.txt

2000-09-19T00:00:00
ID PACKETSTORM:23145
Type packetstorm
Reporter Vigilante
Modified 2000-09-19T00:00:00

Description

                                        
                                            `WinCOM LPD DoS  
  
Advisory Code: VIGILANTE-2000013  
  
Release Date:  
September 19, 2000  
  
Systems Affected:  
- WinCOM LPD V1.00.90 for Windows NT  
  
THE PROBLEM  
A continuos stream of LPD options, sent to the LPD port (default TCP  
port 515) on the host running WinCOM, will eventually consume all the  
memory on that host.  
  
Vendor Status:  
The vendor was contacted on the 8th of September and the vulnerability  
was verified by them on the 19th of September.   
  
Fix:  
There is currently no known release date for a fix. Vendor replied:  
  
"I do not have any release date to offer you.  
It will be fixed in a future release.  
Thank you for bringing this to our attention."  
  
Vendor URL: http://www.ipswitch.com  
Product URL: http://www.ipswitch.com/cgi/download_eval.pl  
Copyright VIGILANTe 2000-09-12  
  
Disclaimer:  
The information within this document may change without notice. Use of  
this information constitutes acceptance for use in an AS IS  
condition. There are NO warranties with regard to this information.  
In no event shall the author be liable for any consequences whatsoever  
arising out of or in connection with the use or spread of this  
information. Any use of this information lays within the user's  
responsibility.  
  
Feedback:  
Please send suggestions, updates, and comments to:  
  
VIGILANTe  
mailto: isis@vigilante.com  
http://www.vigilante.com  
`