CVE-2008-5159

Client Software WinCom LPD Total < 3.0.2.623 - Denial of Service via Large String Length Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2008-5159. PoCs published by Metasploit, Luigi Auriemma, including Metasploit module exploits/windows/lpd/wincomlpd_admin.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in WinComLPD <= 3.0.2 by sending an overly long authentication packet to the remote administration service on port 13500, allowing arbitrary code execution.

Description

Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corruption.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16335

This Metasploit module exploits a stack buffer overflow in WinComLPD <= 3.0.2 by sending an overly long authentication packet to the remote administration service on port 13500, allowing arbitrary code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: WinComLPD <= 3.0.2.623
No auth needed
Prerequisites: Network access to the target system · WinComLPD service running on port 13500
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Luigi Auriemma · textremotemultiple
https://www.exploit-db.com/exploits/31106

The provided text is a vulnerability description for WinComLPD Total, detailing buffer-overflow and authentication-bypass vulnerabilities. It references a binary exploit but does not contain actual exploit code.

Classification
Writeup 90%
Attack Type
Rce | Auth Bypass
Complexity
Moderate
Reliability
Theoretical
Target: WinComLPD Total 3.0.2.623
No auth needed
Prerequisites: Network access to the target system · WinComLPD Total service running
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GOOD
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/lpd/wincomlpd_admin.rb

This Metasploit module exploits a stack buffer overflow in WinComLPD <= 3.0.2 by sending an overly long authentication packet to the remote administration service on port 13500, allowing arbitrary code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: WinComLPD <= 3.0.2.623
No auth needed
Prerequisites: Network access to target port 13500 · WinComLPD service running
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (7)

Core 7
Core References
Various Sources x_refsource_misc
http://aluigi.org/adv/wincomalpd-adv.txt
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28763
Various Sources x_refsource_misc
http://aluigi.org/poc/wincomalpd.zip
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487507/100/200/threaded
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0410
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27614
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4610

Scores

EPSS 0.5967
EPSS Percentile 99.0%

Details

CWE
CWE-189
Status published
Products (1)
clientsoftware/wincome_mpd_total < 3.0.2.623
Published Nov 18, 2008
Tracked Since Feb 18, 2026