{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-02-04T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "28786", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28786"}, {"name": "20080205 Re: Multiple vulnerabilities in SAPlpd 6.28", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/487575/100/0/threaded"}, {"name": "ADV-2008-0409", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0409"}, {"name": "1019300", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1019300"}, {"name": "3619", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3619"}, {"name": "20080204 Multiple vulnerabilities in SAPlpd 6.28", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/487508/100/0/threaded"}, {"name": "ADV-2008-0438", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0438"}, {"name": "28811", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28811"}, {"name": "27613", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27613"}, {"name": "5079", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/5079"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0621", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "28786", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28786"}, {"name": "20080205 Re: Multiple vulnerabilities in SAPlpd 6.28", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/487575/100/0/threaded"}, {"name": "ADV-2008-0409", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0409"}, {"name": "1019300", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1019300"}, {"name": "3619", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3619"}, {"name": "20080204 Multiple vulnerabilities in SAPlpd 6.28", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/487508/100/0/threaded"}, {"name": "ADV-2008-0438", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0438"}, {"name": "28811", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28811"}, {"name": "27613", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27613"}, {"name": "5079", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/5079"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T07:54:23.070Z"}, "title": "CVE Program Container", "references": [{"name": "28786", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28786"}, {"name": "20080205 Re: Multiple vulnerabilities in SAPlpd 6.28", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/487575/100/0/threaded"}, {"name": "ADV-2008-0409", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0409"}, {"name": "1019300", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1019300"}, {"name": "3619", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3619"}, {"name": "20080204 Multiple vulnerabilities in SAPlpd 6.28", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/487508/100/0/threaded"}, {"name": "ADV-2008-0438", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0438"}, {"name": "28811", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28811"}, {"name": "27613", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/27613"}, {"name": "5079", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/5079"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0621", "datePublished": "2008-02-06T11:00:00", "dateReserved": "2008-02-05T00:00:00", "dateUpdated": "2024-08-07T07:54:23.070Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:sapgui:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "BCEAAEEF-62DE-4BDD-846A-EA746FC4AADC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:saplpd:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F9C73A3-56A4-41C3-895A-4D49608B2946", "versionEndIncluding": "6.28", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:sapsprint:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADF65E3D-45F1-4491-8532-B5BE4F6CD2E4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en SAPLPD 6.28 y anteriores incluidas en SAP GUI 7.10 y SAPSprint antes de 1018. Permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de argumentos largos a los comandos 1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04 y (5) 0x05 LPD."}], "id": "CVE-2008-0621", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-02-06T12:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28786"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/28811"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3619"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/487508/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/487575/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/27613"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019300"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0409"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0438"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/5079"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28786"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28811"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3619"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/487508/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/487575/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/27613"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019300"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0409"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0438"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/5079"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}