Novell iPrint Client < 5.64 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 5942

Synopsis

The remote host contains an application that is vulnerable to multiple attack vectors.

Description

Versions of Novell iPrint Client earlier than 5.64 are potentially affected by multiple vulnerabilities :

- The nipplib.dll component, as used by both types of browser plugins, does not properly handle the uri parameter from the user specified printer-url before passing it to a fixed-length buffer on the heap. (ZDI-11-172 / CVE-2011-1699)

- The nipplib.dll component, as used by both types of browser plugins, does not properly handle the profile time parameter from the user specified printer-url before passing it to a fixed-length buffer on the heap. (ZDI-11-173 / CVE-2011-1700)

- The nipplib.dll component, as used by both types of browser plugins, does not properly handle the profile-name parameter from the user specified printer url before passing it to a fixed-length buffer on the heap. (ZDI-11-174 / CVE-2011-1701)

- The nipplib.dll component, as used by both types of browser plugins, does not properly handle the file-date-time parameter from the user specified printer-url before passing it to a fixed-length buffer on the heap. (ZDI-11-175 / CVE-2011-1702)

- The nipplib.dll component, as used by both types of browser plugins, does not properly handle the driver version parameter from the user-specified printer-url before passing it to a fixed-length buffer on the heap. (ZDI-11-176 / CVE-2011-1703)

- The nipplib.dll component, as used by both types of browser plugins, does not properly handle the core-package parameter from the user specified printer-url before passing it to a fixed-length buffer on the heap. (ZDI-11-177 / CVE_2011-1704)

- The nipplib.dll component, as used by both types of browser plugins, does not properly handle the client-file-name parameter from the user specified printer-url before passing it to a fixed-length buffer on the heap. (ZDI-11-178 / CVE-2011-1705)

- The nipplib.dll component, as used by both types of browser plugins, does not properly handle the iprint-client-config-info parameter form the user specified printer-url before passing it to a fixed-length buffer on the heap. (ZDI-11-179 / CVE-2011-1706)

- The nipplib.dll component, as used by both types of browser plugins, does not properly handle the op-printer-list-all-jobs parameter from the user specified printer-url before passing it to a fixed-length buffer on the heap. (ZDI-11-180 / CVE-2011-1708)

- The nipplib.dll component, as used by both types of browser plugins, does not properly handle the op-printer-list-all-jobs parameter from the user specified printer-url before passing it to a fixed-length buffer on the heap. (ZDI-11-181 / CVE-2011-1707)

Solution

Upgrade to Novell iPrint Client 5.64 or later.

See Also

http://www.zerodayinitiative.com/advisories/ZDI-11-172

http://www.zerodayinitiative.com/advisories/ZDI-11-173

http://www.zerodayinitiative.com/advisories/ZDI-11-174

http://www.zerodayinitiative.com/advisories/ZDI-11-175

http://www.zerodayinitiative.com/advisories/ZDI-11-176

http://www.zerodayinitiative.com/advisories/ZDI-11-177

http://www.zerodayinitiative.com/advisories/ZDI-11-178

http://www.zerodayinitiative.com/advisories/ZDI-11-179

http://www.zerodayinitiative.com/advisories/ZDI-11-180

http://www.zerodayinitiative.com/advisories/ZDI-11-181

http://www.securityfocus.com/archive/1/518266/30/0/threaded

http://www.securityfocus.com/archive/1/518267/30/0/threaded

http://www.securityfocus.com/archive/1/518269/30/0/threaded

http://www.securityfocus.com/archive/1/518270/30/0/threaded

http://www.securityfocus.com/archive/1/518271/30/0/threaded

http://www.securityfocus.com/archive/1/518268/30/0/threaded

http://www.securityfocus.com/archive/1/518272/30/0/threaded

http://www.securityfocus.com/archive/1/518273/30/0/threaded

http://www.securityfocus.com/archive/1/518274/30/0/threaded

http://www.securityfocus.com/archive/1/518275/30/0/threaded

Plugin Details

Severity: High

ID: 5942

Family: Web Clients

Published: 2011/06/07

Modified: 2016/01/19

Dependencies: 4543

Nessus ID: 54988

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 2011/06/06

Vulnerability Publication Date: 2011/06/06

Reference Information

CVE: CVE-2011-1699, CVE-2011-1700, CVE-2011-1701, CVE-2011-1702, CVE-2011-1703, CVE-2011-1704, CVE-2011-1705, CVE-2011-1706, CVE-2011-1707, CVE-2011-1708

BID: 48124