Detections
Analytics

Novell iPrint Client nipplib.dll ActiveX (ienipp.ocx) IppCreateServerRef Function Overflow

high Nessus Plugin ID 34085

Synopsis

The remote Windows host has an application that is affected by a buffer overflow vulnerability.

Description

The installed version of Novell iPrint Client is affected by a buffer overflow vulnerability.

By passing very long arguments to either 'GetPrinterURLList()', 'GetPrinterURLList2()', or 'GetFileList2()' functions available in ActiveX control 'ienipp.ocx', it may be possible to cause a heap-based buffer overflow in function 'IppCreateServerRef()' provided by 'nipplib.dll'.

Successful exploitation of this issue may result in arbitrary code execution on the remote system.

Solution

Upgrade to

- Novell iPrint Client for Vista 5.08 or
- Novell iPrint Client for Windows 4.38

See Also

https://secuniaresearch.flexerasoftware.com/secunia_research/2008-33/advisory/

http://download.novell.com/Download?buildid=3q-_lVDVRFI~

http://download.novell.com/Download?buildid=dv_yn4TOPmQ~

Plugin Details

Severity: High

ID: 34085

File Name: novell_iprint_buffer_overflow.nasl

Version: 1.15

Type: local

Agent: windows

Family: Windows

Published: 9/4/2008

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:novell:iprint

Required KB Items: SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Patch Publication Date: 9/3/2008

Reference Information

CVE: CVE-2008-2436

BID: 30986

CWE: 94

Secunia: 31370