Hummingbird InetD LPD buffer overflow

2005-11-29T00:00:00
ID SAINT:FF784FFA521183CF55B95BE5BCE1A050
Type saint
Reporter SAINT Corporation
Modified 2005-11-29T00:00:00

Description

Added: 11/29/2005
CVE: CVE-2005-1815
BID: 13788
OSVDB: 16957

Background

Hummingbird InetD implements common UNIX services on Windows platforms.

Problem

The Hummingbird InetD LPD service is affected by a buffer overflow which allows remote command execution.

Resolution

Apply the patch.

References

<http://connectivity.hummingbird.com/support/nc/exceed/lpdw_advisory.html>

Limitations

Exploit works with Hummingbird Exceed version 10 SP5.

Platforms

Windows 2000
Windows XP / Windows XP SP1
Windows XP SP2
Windows Server 2003