Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1706

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-1706
Last Modified 06 Sep 2011 11:16:24
Published 09 Jun 2011 03:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1706

Summary

Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url.

Vulnerable Systems

Application

  • Novell Iprint 4.26

  • Novell Iprint 4.27

  • Novell Iprint 4.28

  • Novell Iprint 4.30

  • Novell Iprint 4.32

  • Novell Iprint 4.34

  • Novell Iprint 4.36

  • Novell Iprint 4.38

  • Novell Iprint 5.04

  • Novell Iprint 5.12

  • Novell Iprint 5.20b

  • Novell Iprint 5.30

  • Novell Iprint 5.32

  • Novell Iprint 5.40

  • Novell Iprint 5.42

  • Novell Iprint 5.44

  • Novell Iprint 5.50

  • Novell Iprint 5.52

  • Novell Iprint 5.56

  • Novell Iprint 5.60


References

MISC - http://zerodayinitiative.com/advisories/ZDI-11-179/

XF - novell-iprint-iprintclientconfiginfo-bo(67881)

SECTRACK - 1025606

BID - 48124

BUGTRAQ - 20110606 ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability

CONFIRM - http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008730

SECUNIA - 44811

CONFIRM - http://download.novell.com/Download?buildid=6_bNby38ERg~


Last Updated: 27 May 2016 10:56:24