CVE-2008-0764

Larson Network Print Server < 9.4.2 - Remote Code Execution via Format String in USEP Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0764. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The exploit leverages a format-string vulnerability in Larson Software Technology Network Print Server by sending a malformed input via netcat to port 3114, potentially leading to arbitrary code execution or denial of service.

Description

Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port 3114.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · textdoswindows

https://www.exploit-db.com/exploits/31139

View Code ZIP pw:eip

The exploit leverages a format-string vulnerability in Larson Software Technology Network Print Server by sending a malformed input via netcat to port 3114, potentially leading to arbitrary code execution or denial of service.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Larson Software Technology Network Print Server 9.4.2 build 105 and prior

No auth needed

Prerequisites: Network access to the target server · Netcat or similar tool

MITRE ATT&CK