 |
|
|
|
|
 |
 |
|
 |
LPRng format string exploit v1.42
Vulnerability exploited: CVE-2000-0917 - BID-1712
Category: Exploits/Remote
This module exploits a format string bug present in the LPRng daemon.
LPRng contains a function, use_syslog(), that returns user input to a string in LPRng that is passed to syslog() as the format string. As a result, it is possible to corrupt the program's flow of execution by entering malicious format specifiers.
Supported Systems:
This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.
|
|
|
|
 |
|
 |
 |
|
 | |
