Cross site request forgery (csrf)

2012-02-1417:55:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.092 Low

EPSS

Percentile

94.7%

JSON

NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service (daemon crash) via a malformed LPD request.

CPENameOperatorVersion
xlpdeq4 100
xmanager_enterpriseeq4 186

CPE	Name	Operator	Version
	xlpd	eq	4 100
	xmanager_enterprise	eq	4 186

References

secpod.org/advisories/SecPod_Exploit_NetSarang_Xlpd_Printer_Daemon_DoS_Vuln.txt

secpod.org/blog/?p=457

www.securityfocus.com/bid/51821

exchange.xforce.ibmcloud.com/vulnerabilities/72933

www.exploit-db.com/exploits/18454