{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-02-12T00:00:00", "descriptions": [{"lang": "en", "value": "Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port 3114."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20080211 Format string and buffer-overflow in Lst Network Print Server 9.4.2 build 105", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/487956/100/0/threaded"}, {"name": "28890", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28890"}, {"name": "27732", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27732"}, {"name": "networkprintserver-logging-format-string(40420)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40420"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.altervista.org/adv/lstnpsx-adv.txt"}, {"name": "ADV-2008-0500", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0500"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0764", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port 3114."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20080211 Format string and buffer-overflow in Lst Network Print Server 9.4.2 build 105", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/487956/100/0/threaded"}, {"name": "28890", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28890"}, {"name": "27732", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27732"}, {"name": "networkprintserver-logging-format-string(40420)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40420"}, {"name": "http://aluigi.altervista.org/adv/lstnpsx-adv.txt", "refsource": "MISC", "url": "http://aluigi.altervista.org/adv/lstnpsx-adv.txt"}, {"name": "ADV-2008-0500", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0500"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T07:54:23.297Z"}, "title": "CVE Program Container", "references": [{"name": "20080211 Format string and buffer-overflow in Lst Network Print Server 9.4.2 build 105", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/487956/100/0/threaded"}, {"name": "28890", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28890"}, {"name": "27732", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/27732"}, {"name": "networkprintserver-logging-format-string(40420)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40420"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.altervista.org/adv/lstnpsx-adv.txt"}, {"name": "ADV-2008-0500", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0500"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0764", "datePublished": "2008-02-13T20:00:00", "dateReserved": "2008-02-13T00:00:00", "dateUpdated": "2024-08-07T07:54:23.297Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:larson_software_technology:network_print_server:*:build_105:*:*:*:*:*:*", "matchCriteriaId": "98192C41-B6A9-489F-B468-93CCE5811BF8", "versionEndIncluding": "9.4.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port 3114."}, {"lang": "es", "value": "Vulnerabilidad de cadena de formato en versiones para windows de Larson Network Print Server (LstNPS) 9.4.2 build 105 y anteriores, que pueden permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de especificadores de cadena de formato mediante el comando USEP sobre TCP por el puerto 3114"}], "id": "CVE-2008-0764", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-02-13T21:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://aluigi.altervista.org/adv/lstnpsx-adv.txt"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28890"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/487956/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/27732"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0500"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40420"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://aluigi.altervista.org/adv/lstnpsx-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28890"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/487956/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/27732"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0500"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40420"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}