Lucene search

[email protected]CVE-2011-3173

HistoryNov 30, 2011 - 4:05 a.m.

CVE-2011-3173

2011-11-3004:05:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-3173

buffer overflow

getdriversettings

nipplib.dll

iprint client

novell

open enterprise server 2

oes2

sp3

remote code execution

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.296 Low

EPSS

Percentile

96.9%

JSON

Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code via a long (1) hostname or (2) port field.

CPENameOperatorVersion
novell:iprint_open_enterprise_server_2novell iprint open enterprise server 2eq*

CPE	Name	Operator	Version
novell:iprint_open_enterprise_server_2	novell iprint open enterprise server 2	eq	*

References

support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5117030.html

support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5117031.html

www.novell.com/support/viewContent.do?externalId=7009676

www.zerodayinitiative.com/advisories/ZDI-11-309/

bugzilla.novell.com/show_bug.cgi?id=707730

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.296 Low

EPSS

Percentile

96.9%

JSON

Related for CVE-2011-3173

securityvulns2 nessus1 checkpoint_advisories1 prion2 zdi1 cvelist2 saint4 cve1