ID de Prueba:	1.3.6.1.4.1.25623.1.0.801951
Categoría:	Buffer overflow
Título:	Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities - Windows
Resumen:	Novell iPrint Client is prone to multiple buffer overflow vulnerabilities.
Descripción:	Summary: Novell iPrint Client is prone to multiple buffer overflow vulnerabilities. Vulnerability Insight: The flaws exist within the 'nipplib' component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the various parameters from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code under the context of the browser. Affected Software/OS: Novell iPrint Client version prior to 5.64 on windows. Solution: Upgrade to Novell iPrint Client 5.64 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1699 BugTraq ID: 48124 http://www.securityfocus.com/bid/48124 Bugtraq: 20110606 ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518266/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-172/ http://www.securitytracker.com/id?1025606 http://secunia.com/advisories/44811 Common Vulnerability Exposure (CVE) ID: CVE-2011-1700 Bugtraq: 20110606 ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518267/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-173/ Common Vulnerability Exposure (CVE) ID: CVE-2011-1701 Bugtraq: 20110606 ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518269/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-174/ XForce ISS Database: novell-iprint-profilename-bo(67876) https://exchange.xforce.ibmcloud.com/vulnerabilities/67876 Common Vulnerability Exposure (CVE) ID: CVE-2011-1702 Bugtraq: 20110606 ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518270/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-175/ XForce ISS Database: novell-iprint-filedatetime-bo(67877) https://exchange.xforce.ibmcloud.com/vulnerabilities/67877 Common Vulnerability Exposure (CVE) ID: CVE-2011-1703 Bugtraq: 20110606 ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518271/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-176/ XForce ISS Database: novell-iprint-driverversion-bo(67878) https://exchange.xforce.ibmcloud.com/vulnerabilities/67878 Common Vulnerability Exposure (CVE) ID: CVE-2011-1704 Bugtraq: 20110606 ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518268/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-177/ XForce ISS Database: novell-iprint-corepackage-bo(67879) https://exchange.xforce.ibmcloud.com/vulnerabilities/67879 Common Vulnerability Exposure (CVE) ID: CVE-2011-1705 Bugtraq: 20110606 ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518272/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-178/ XForce ISS Database: novell-iprint-clientfilename-bo(67880) https://exchange.xforce.ibmcloud.com/vulnerabilities/67880 Common Vulnerability Exposure (CVE) ID: CVE-2011-1706 Bugtraq: 20110606 ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518273/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-179/ XForce ISS Database: novell-iprint-iprintclientconfiginfo-bo(67881) https://exchange.xforce.ibmcloud.com/vulnerabilities/67881 Common Vulnerability Exposure (CVE) ID: CVE-2011-1707 Bugtraq: 20110606 ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518275/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-181/ XForce ISS Database: novell-iprint-opprinterlistalljobs-bo(67883) https://exchange.xforce.ibmcloud.com/vulnerabilities/67883 Common Vulnerability Exposure (CVE) ID: CVE-2011-1708 Bugtraq: 20110606 ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518274/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-180/ XForce ISS Database: novell-iprint-opprinterlistalljobs-cookie-bo(67882) https://exchange.xforce.ibmcloud.com/vulnerabilities/67882
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.