This script is Copyright (C) 2010-2017 Tenable Network Security, Inc.
The remote host contains an application that is affected by multiple
Novell iPrint Client version older than 5.44 is installed on the
remote host. Such versions are reportedly affected by multiple remote
code execution vulnerabilities:
- A buffer overflow was discovered in how iPrint client
handles the 'call-back-url' parameter value for a
'op-client-interface-version' operation where the
'result-type' parameter is set to 'url'.
- An uninitialized pointer vulnerability in ienipp.ocx
was discovered and allows an attacker to exploit an
issue where the uninitialized pointer is called and
the process jumps to an address space controllable
by the attacker.
See also :
Upgrade to Novell iPrint Client 5.44 or later.
Note that there is no fix available for Novell iPrint Client 4.x
branch so users should consider upgrading to 5.44 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true