Novell iPrint Client ActiveX Control Multiple Vulnerabilities
High Nessus Plugin ID 34049
SynopsisThe remote Windows host has an ActiveX control that is affected by multiple vulnerabilities.
DescriptionNovell iPrint Client is installed on the remote host.
An ActiveX control included with Novell iPrint Client is affected by multiple vulnerabilities.
- Vulnerabilities affecting GetDriverFile(), GetDriverSettings() GetPrinterURLList(), GetFileList(), GetServerVersion(), UploadResource(), ExecuteRequest(), UploadResource(), and UploadResourceToRMS() methods in 'ienipp.ocx' could be exploited to perform stack based buffer overflows and execute arbitrary code on the remote system. (CVE-2008-2431)
- A vulnerability in IppGetDriverSettings() method in nipplib.dll could be exploited to perform a stack based buffer overflow (CVE-2008-5231).
- A vulnerability in GetFileList() method may disclose sensitive information. (CVE-2008-2432)
SolutionUpgrade to version 5.06.