The Cisco IOS Line Printer Daemon contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition .
The Cisco IOS includes support for the UNIX Line Printer Daemon (LPD) protocol. The LPD service listens on 515/tcp and is not enabled by default.
The IOS LPD service does not properly check the length of the hostname of the router. This error may result in a buffer overflow. See Cisco Security Response Document ID: 99109 for more information about this vulnerability.
An attacker may be able to execute arbitrary code or create a denial-of-service condition .
Cisco has released an update to address this issue. See Cisco Security Response: Cisco IOS Line Printer Daemon (LPD) Protocol Stack Overflow Document ID: 99109 for more details.
The following workarounds may mitigate this vulnerability.
Information about this vulnerability was released by Information Risk Management.
This document was written by Ryan Giobbi.
|Date First Published:||2007-10-13|
|Date Last Updated:||2007-10-15 17:09 UTC|