Zero-friction vulnerability management platform
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities (Windows)
Information
Severity
Severity
Critical
Family
Family
Buffer overflow
CVSSv2 Base
CVSSv2 Base
9.3
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
11 years ago
Modified
Modified
3 years ago
Summary
The host is installed with Novell iPrint Client and is prone to multiple buffer overflow vulnerabilities.
Insight
Insight
The flaws exist within the 'nipplib' component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the various parameters from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap.
Affected Software
Affected Software
Novell iPrint Client version prior to 5.64 on windows.
Solution
Solution
Upgrade to Novell iPrint Client 5.64 or later.
Common Vulnerabilities and Exposures (CVE)
References
- http://securitytracker.com/id/1025606
- http://www.zerodayinitiative.com/advisories/ZDI-11-172/
- http://www.zerodayinitiative.com/advisories/ZDI-11-173/
- http://www.zerodayinitiative.com/advisories/ZDI-11-174/
- http://www.zerodayinitiative.com/advisories/ZDI-11-175/
- http://www.zerodayinitiative.com/advisories/ZDI-11-176/
- http://www.zerodayinitiative.com/advisories/ZDI-11-177/
- http://www.zerodayinitiative.com/advisories/ZDI-11-178/
- http://www.zerodayinitiative.com/advisories/ZDI-11-179/
- http://www.zerodayinitiative.com/advisories/ZDI-11-180/
- http://www.zerodayinitiative.com/advisories/ZDI-11-181/
- http://download.novell.com/Download?buildid=6_bNby38ERg~