APP: LCDproc LCDd test_func Format String Vulnerability
This signature detects attempts to exploit a known vulnerability against LCDproc. A successful attack can lead to arbitrary code execution.
Extended Description
LCDproc Server (LCDd) has been reported to be prone to multiple remote vulnerabilities. The first issue is reported to exist in the parse_all_client_messages() function of parse.c, and is due to a lack of sufficient boundary checks performed on user-supplied arguments. A remote attacker may exploit this vulnerability to execute arbitrary instructions in the context of the vulnerable service. The second issue exists in the test_func_func() function of client_functions.c. Due to a lack of sufficient boundary checks an attacker may pass data to the function in a manner that is sufficient to trigger a buffer overflow. An attacker may leverage this condition to execute code in the context of the affected service. Finally due the an erroneous implementation of a formatted print function contained in the test_func_func() function of client_functions.c.A remote attacker may supply format specifier characters. An attacker may leverage this condition to execute code in the context of the affected service.
Affected Products
Lcdproc lcdproc
Short Name
APP:MISC:LCDPROC-TEST-FUNC-FS
Severity
Major
Recommended
False
Recommended Action
None
Category
APP
Keywords
CVE-2004-1917 Format LCDd LCDproc String Vulnerability bid:10085 test_func
Release Date
02/27/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
tcp/13666
False Positive
Occasionally
Vendors
Lcdproc
CVSS Score
7.5