The Cisco IOS Line Printer Daemon contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition .
The Cisco IOS includes support for the UNIX Line Printer Daemon (LPD) protocol. The LPD service listens on 515/tcp and is not enabled by default.
The IOS LPD service does not properly check the length of the hostname of the router. This error may result in a buffer overflow. See Cisco Security Response Document ID: 99109 for more information about this vulnerability.
An attacker may be able to execute arbitrary code or create a denial-of-service condition .
Cisco has released an update to address this issue. See Cisco Security Response: Cisco IOS Line Printer Daemon (LPD) Protocol Stack Overflow Document ID: 99109 for more details.
The following workarounds may mitigate this vulnerability.
Cisco Systems, Inc.
Information about this vulnerability was released by Information Risk Management.
This document was written by Ryan Giobbi.
|Date First Published:||2007-10-13|
|Date Last Updated:||2007-10-15 17:09 UTC|