Novell iPrint Client < 5.78 Multiple Code Execution Vulnerabilities

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that is affected by multiple
code execution vulnerabilities.

Description :

The version of Novell iPrint Client installed on the remote host is
earlier than 5.78. Such versions are reportedly affected by one or
more of the following vulnerabilities that can allow for arbitrary
code execution :

- An unspecified issue exists in the GetDriverSettings
realm in nipplib.dll. (CVE-2011-4187)

- An unspecified issue exists in GetPrinterURLList2 in the
ActiveX control. (CVE-2011-4185)

- An unspecified issue exists in client-file-name parsing
in nipplib.dll. (CVE-2011-4186)

See also :

http://dvlabs.tippingpoint.com/advisory/TPTI-12-02
http://zerodayinitiative.com/advisories/ZDI-12-102/
http://zerodayinitiative.com/advisories/ZDI-12-181/
http://www.securityfocus.com/archive/1/524037/30/0/threaded
http://www.novell.com/support/viewContent.do?externalId=7008708

Solution :

Upgrade to Novell iPrint Client 5.78 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 57890 ()

Bugtraq ID: 51926

CVE ID: CVE-2011-4185
CVE-2011-4186
CVE-2011-4187

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now