Description
Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands.
Affected products
- SAP / sapgui7.10 – 7.10
- SAP / saplpd6.28
- SAP / sapsprint
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/28786
- MISChttp://www.securityfocus.com/archive/1/487575/100/0/threaded
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/0409
- MISChttp://www.securitytracker.com/id?1019300
- MISChttp://securityreason.com/securityalert/3619
- MISChttp://www.securityfocus.com/archive/1/487508/100/0/threaded
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/0438
- VENDOR_ADVISORYhttp://secunia.com/advisories/28811
- MISChttp://www.securityfocus.com/bid/27613
- EXPLOIThttps://www.exploit-db.com/exploits/5079