Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3173

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-3173
Last Modified 30 Nov 2011 12:52:12
Published 29 Nov 2011 11:05:58
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3173

Summary

Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code via a long (1) hostname or (2) port field.

Vulnerable Systems

Application

  • Novell Iprint Open Enterprise Server 2


References

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=707730

MISC - http://www.zerodayinitiative.com/advisories/ZDI-11-309/

CONFIRM - http://www.novell.com/support/viewContent.do?externalId=7009676

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5117031.html

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5117030.html


Last Updated: 27 May 2016 10:57:14