A malicious attacker could cause all available memory on a Windows NT host to be consumed if that Windows NT host is running WinCOM LPD V1.00.90. DEMONSTRATION By sending a constant stream of LPD options to TCP port 515, which is the default port that WinCOM LPD listens on, an attacker can cause all available memory resources to be consumed. VENDOR RESPONSE According to Vigilante, the vendor was contacted and has committed to fixing this issue in their next release of WinCOM LPD. CREDIT |
0 comments
Hide comments