TCP/IP Printing Service Denial of Service Vulnerability

vendor:

Windows NT/2000

by:

SecurityFocus

7.5

CVSS

HIGH

Denial of Service

400

CWE

Product Name: Windows NT/2000

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2002

TCP/IP Printing Service Denial of Service Vulnerability

A malformed print request sent to port 515 of the TCP/IP Printing Service can cause the service to cease functioning and can affect other services as well, including SimpTCP, DHCPServer, FTPSvc, LPDSvc, and BinlSvc. The service will require to be stopped and restarted in order to regain normal functionality.

Mitigation:

Ensure that the TCP/IP Printing Service is not installed by default on Windows NT or Windows 2000.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1082/info

The TCP/IP Printing Service (also known as Print Services for Unix in Windows 2000) is the mechanism used for print service integration with Unix environments.

It relies on port 515 for data transmittal. A malformed print request sent to this particular port can cause the service to cease functioning and can affect other services as well, including SimpTCP, DHCPServer, FTPSvc, LPDSvc, and BinlSvc. The service will require to be stopped and restarted in order to regain normal functionality.

The TCP/IP Printing Service is not installed by default on Windows NT or Windows 2000 and this exploit does not affect the printing services native to Windows.


https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19827-1.exe

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19827-2.zip