CVE-2006-2108

CVE-2006-2108 affects Océ (OCE) 3121/3122 printers. The issue is a denial-of-service via a long request that could trigger a buffer overflow in parser.exe. The NVD data lists CVSSv2 base score 7.8 (Network vector, Low attack complexity, no authentication, availability impact). No remediation or c...

Océ 3121 printer DoS

No description provided...

OCE 3121/3122 Printer (parser.exe) Denial of Service Exploit

Exploit for hardware platform in category dos / poc ============================================================ OCE 3121/3122 Printer parser.exe Denial of Service Exploit ============================================================ !/usr/bin/perl OCE 3121/3122 Printer DoS Exploit...

OCE 3121/3122 Printer (parser.exe) Denial of Service Exploit

No description provided by source. !/usr/bin/perl OCE 3121/3122 Printer DoS Exploit ---------------------------- By Herman Groeneveld aka sh4d0wman trancelover75 AT gmail.com Description: the printer runs a webserver to provide various printing tasks from java enabled browsers. Input is being...

OCE 31213122 Printer - parser.exe Denial of Service

OCE 31213122 Printer - parser.exe Denial of Service !/usr/bin/perl OCE 3121/3122 Printer DoS Exploit ---------------------------- By Herman Groeneveld aka sh4d0wman trancelover75 AT gmail.com Description: the printer runs a webserver to provide various printing tasks from java enabled browsers...

OCE 3121/3122 Printer - 'parser.exe' Denial of Service

!/usr/bin/perl OCE 3121/3122 Printer DoS Exploit ---------------------------- By Herman Groeneveld aka sh4d0wman trancelover75 AT gmail.com Description: the printer runs a webserver to provide various printing tasks from java enabled browsers. Input is being filtered for bad characters. However i...

Ubuntu 4.10 / 5.04 / 5.10 : kdegraphics, koffice, xpdf, cupsys, poppler, tetex-bin vulnerabilities (USN-270-1)

Derek Noonburg discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, and tetex-bin. By tricking an user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that...

Information disclosure

Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server Service LexPPS, possibly 8.29 and 9.41, allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based on a vague initial disclosure; details will be updated after the grace period h...

CVE-2006-0592

Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server Service LexPPS, possibly 8.29 and 9.41, allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based on a vague initial disclosure; details will be updated after the grace period h...

CVE-2006-0592

Technical details about CVE-2006-0592 are not publicly provided in the supplied documents. No concrete affected products, root cause, or remediation are disclosed here; monitor for updates.

CVE-2006-0592

Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server Service LexPPS, possibly 8.29 and 9.41, allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based on a vague initial disclosure; details will be updated after the grace period h...

Code injection

Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the "Appearance" dialog and selecting the "Additional styles skins are available on the Lexmark web site" option, which launches a web browser that is running with SYSTEM privileges...

CVE-2006-0577

CVE-2006-0577 affects Lexmark X1185 printers. Local users can obtain SYSTEM privileges by opening the printer’s Appearance dialog and selecting the option that references additional skins on the Lexmark website, which launches a web browser running with SYSTEM rights. This is a local, privilege-e...

Microsoft IIS 5.0 printer ISAPI extension buffer overflow

Added: 02/08/2006 CVE: CVE-2001-0241 BID: 2674 OSVDB: 3323 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem The ISAPI extension which handles requests for file names ending in .printer is affected by ...

High Risk Vulnerability in Lexmark Printer Sharing Service

Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability in the Lexmark Printer Sharing service which could allow a remote, unauthenticated attacker to execute arbitrary code on a Lexmark printer user's computer system with Local System privileges. There is no known official pat...

Re: High Risk Vulnerability in Lexmark Printer Sharing Service

Here is a lexmark related local Security issue... I never got anywhere with regard to disclosure... enjoy Lexmark skins code execution. Either LEXBCES.exe, LXBKPSWX.exe, LXBKJSWX.exe, or LEXPPS.exe allows interaction from the user while running as SYSTEM. This interaction can lead to CMD.exe...

CVE-2006-0577

Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the "Appearance" dialog and selecting the "Additional styles skins are available on the Lexmark web site" option, which launches a web browser that is running with SYSTEM privileges...

Microsoft IIS 5.0 printer ISAPI extension buffer overflow

Added: 02/08/2006 CVE: CVE-2001-0241 BID: 2674 OSVDB: 3323 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem The ISAPI extension which handles requests for file names ending in .printer is affected by ...

Ubuntu 4.10 / 5.04 / 5.10 : xpdf/cupsys/tetex-bin/kdegraphics/koffice vulnerabilities (USN-227-1)

infamous41md discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, tetex-bin, KOffice, and kpdf. By tricking an user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the...

Ubuntu 4.10 : cupsys vulnerability (USN-185-1)

A flaw was detected in the printer access control list checking in the CUPS server. Printer names were compared in a case sensitive manner; by modifying the capitalization of printer names, a remote attacker could circumvent ACLs and print to printers he should not have access to. The Ubuntu 5.04...