CVE-2008-5158 Information

Description

Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to bypass authentication and perform administrative actions via vectors involving \simply skipping the auth stage.\

Reference

http://aluigi.org/adv/wincomalpd-adv.txt http://aluigi.org/poc/wincomalpd.zip http://secunia.com/advisories/28763 http://securityreason.com/securityalert/4610 http://www.securityfocus.com/archive/1/487507/100/200/threaded http://www.securityfocus.com/bid/27614 http://www.vupen.com/english/advisories/2008/0410