This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.
The remote Windows host has an ActiveX control that is affected by
Novell iPrint Client is installed on the remote host.
An ActiveX control included with Novell iPrint Client is affected
by multiple vulnerabilities.
- Vulnerabilities affecting GetDriverFile(),
GetDriverSettings() GetPrinterURLList(), GetFileList(),
GetServerVersion(), UploadResource(), ExecuteRequest(),
UploadResource(), and UploadResourceToRMS() methods in
'ienipp.ocx' could be exploited to perform stack based
buffer overflows and execute arbitrary code on the
remote system. (CVE-2008-2431)
- A vulnerability in IppGetDriverSettings() method in
nipplib.dll could be exploited to perform a stack based
buffer overflow (CVE-2008-5231).
- A vulnerability in GetFileList() method may disclose
sensitive information. (CVE-2008-2432)
See also :
Upgrade to version 5.06.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true