Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1704

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-1704
Last Modified 06 Sep 2011 11:16:24
Published 09 Jun 2011 03:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1704

Summary

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted core-package parameter in a printer-url.

Vulnerable Systems

Application

  • Novell Iprint 4.26

  • Novell Iprint 4.27

  • Novell Iprint 4.28

  • Novell Iprint 4.30

  • Novell Iprint 4.32

  • Novell Iprint 4.34

  • Novell Iprint 4.36

  • Novell Iprint 4.38

  • Novell Iprint 5.04

  • Novell Iprint 5.12

  • Novell Iprint 5.20b

  • Novell Iprint 5.30

  • Novell Iprint 5.32

  • Novell Iprint 5.40

  • Novell Iprint 5.42

  • Novell Iprint 5.44

  • Novell Iprint 5.50

  • Novell Iprint 5.52

  • Novell Iprint 5.56

  • Novell Iprint 5.60


References

CONFIRM - http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008728

CONFIRM - http://download.novell.com/Download?buildid=6_bNby38ERg~

MISC - http://zerodayinitiative.com/advisories/ZDI-11-177/

XF - novell-iprint-corepackage-bo(67879)

SECTRACK - 1025606

BID - 48124

BUGTRAQ - 20110606 ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability

SECUNIA - 44811


Last Updated: 27 May 2016 10:56:24