CVE-2008-0763

Larson Network Print Server < 9.4.2 - Remote Code Execution via Long LICENSE Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0763. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The exploit demonstrates a format-string and buffer-overflow vulnerability in Larson Software Technology Network Print Server. It sends a maliciously crafted LICENSE command with a long string of 'a' characters to trigger the vulnerability via port 3114.

Description

Stack-based buffer overflow in NPSpcSVR.exe in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier allows remote attackers to execute arbitrary code via a long argument in a LICENSE command on TCP port 3114.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · textdoswindows

https://www.exploit-db.com/exploits/31138

View Code ZIP pw:eip

The exploit demonstrates a format-string and buffer-overflow vulnerability in Larson Software Technology Network Print Server. It sends a maliciously crafted LICENSE command with a long string of 'a' characters to trigger the vulnerability via port 3114.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Larson Software Technology Network Print Server 9.4.2 build 105 and prior

No auth needed

Prerequisites: network access to the target server · target service running on port 3114

MITRE ATT&CK