Detections
Analytics
Novell iPrint Client < 5.44 Multiple Vulnerabilities
high Nessus Plugin ID 48407
Language:
Synopsis
The remote host contains an application that is affected by multiple vulnerabilities.Description
Novell iPrint Client version older than 5.44 is installed on the remote host. Such versions are reportedly affected by multiple remote code execution vulnerabilities:- A buffer overflow was discovered in how iPrint client handles the 'call-back-url' parameter value for a 'op-client-interface-version' operation where the 'result-type' parameter is set to 'url'.
- An uninitialized pointer vulnerability in ienipp.ocx was discovered and allows an attacker to exploit an issue where the uninitialized pointer is called and the process jumps to an address space controllable by the attacker.
Solution
Upgrade to Novell iPrint Client 5.44 or later.Note that there is no fix available for Novell iPrint Client 4.x branch so users should consider upgrading to 5.44 or later.
See Also
http://dvlabs.tippingpoint.com/advisory/TPTI-10-08
https://secuniaresearch.flexerasoftware.com/secunia_research/2010-104/
Plugin Details
Severity: High
ID: 48407
File Name: novell_iprint_544.nasl
Version: 1.18
Type: local
Agent: windows
Family: Windows
Published: 8/23/2010
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.7
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:novell:iprint
Required KB Items: SMB/Registry/Enumerated
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 8/19/2010
Vulnerability Publication Date: 8/19/2010
Exploitable With
CANVAS (White_Phosphorus)
Core Impact
Metasploit (Novell iPrint Client ActiveX Control call-back-url Buffer Overflow)
Reference Information
CVE: CVE-2010-1527, CVE-2010-3105
BID: 42576
Secunia: 40805