CVE-2008-5176

Name of the Vulnerable Software and Affected Versions Client Software WinCom LPD Total versions 3.0.2.623 and earlier

Description The issue allows remote attackers to execute arbitrary code due to multiple buffer overflows. This can be achieved via a long 0x02 command to the remote administration service on TCP port 13500 or a long invalid control filename to LPDService.exe on TCP port 515.

Recommendations For versions 3.0.2.623 and earlier, as a temporary workaround, consider restricting access to the remote administration service on TCP port 13500 and LPDService.exe on TCP port 515 until a patch is available. Avoid using long commands or invalid filenames in these services to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.