CVE-2010-4328

Novell iPrint Open Enterprise Server SP2-SP3 - Remote Code Execution via LPR Opcode Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-4328. PoCs published by Francis Provencher.

AI-analyzed exploit summary This Perl script exploits CVE-2010-4328 by sending a malformed packet to a vulnerable LPD (Line Printer Daemon) service, causing a denial-of-service (DoS) condition. The exploit sends a long string of 'A' characters followed by 'DCBA' to trigger the vulnerability.

Description

Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 allow remote attackers to execute arbitrary code via unspecified LPR opcodes.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Francis Provencher · perldoslinux

https://www.exploit-db.com/exploits/16192

View Code ZIP pw:eip

This Perl script exploits CVE-2010-4328 by sending a malformed packet to a vulnerable LPD (Line Printer Daemon) service, causing a denial-of-service (DoS) condition. The exploit sends a long string of 'A' characters followed by 'DCBA' to trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: LPD (Line Printer Daemon) service

No auth needed

Prerequisites: Network access to the target LPD service on port 515

MITRE ATT&CK