Search...

Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities (Windows)

2011-06-13T00:00:00

ID OPENVAS:801951
Type openvas
Reporter Copyright (c) 2011 Greenbone Networks GmbH
Modified 2017-12-20T00:00:00

Description

The host is installed with Novell iPrint Client and is prone to multiple buffer overflow vulnerabilities.

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_novell_iprint_client_printer_url_mult_bof_vuln_win.nasl 8201 2017-12-20 14:28:50Z cfischer $
#
# Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities (Windows)
#
# Authors:
# Antu Sanadi &lt;santu@secpod.com&gt;
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

CPE = "cpe:/a:novell:iprint";

tag_impact = "Successful exploitation could allow attackers to execute arbitrary code under
  the context of the browser.
  Impact Level: Application";
tag_affected = "Novell iPrint Client version prior to 5.64 on windows.";
tag_insight = "The flaws exist within the 'nipplib' component which is used by both the
  ActiveX and Netscape compatible browser plugins. When handling the various
  parameters from the user specified printer-url the process blindly copies
  user supplied data into a fixed-length buffer on the heap.";
tag_solution = "Upgrade to Novell iPrint Client 5.64 or later,
  For the updates refer, http://download.novell.com/Download?buildid=6_bNby38ERg~";
tag_summary = "The host is installed with Novell iPrint Client and is prone to
  multiple buffer overflow vulnerabilities.";

if(description)
{
  script_id(801951);
  script_version("$Revision: 8201 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-20 15:28:50 +0100 (Wed, 20 Dec 2017) $");
  script_tag(name:"creation_date", value:"2011-06-13 15:28:04 +0200 (Mon, 13 Jun 2011)");
  script_cve_id("CVE-2011-1699", "CVE-2011-1700", "CVE-2011-1701", "CVE-2011-1702",
                "CVE-2011-1703", "CVE-2011-1704", "CVE-2011-1705", "CVE-2011-1706",
                "CVE-2011-1707", "CVE-2011-1708");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_name("Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities (Windows)");
  script_xref(name : "URL" , value : "http://securitytracker.com/id/1025606");
  script_xref(name : "URL" , value : "http://www.zerodayinitiative.com/advisories/ZDI-11-172/");
  script_xref(name : "URL" , value : "http://www.zerodayinitiative.com/advisories/ZDI-11-173/");
  script_xref(name : "URL" , value : "http://www.zerodayinitiative.com/advisories/ZDI-11-174/");
  script_xref(name : "URL" , value : "http://www.zerodayinitiative.com/advisories/ZDI-11-175/");
  script_xref(name : "URL" , value : "http://www.zerodayinitiative.com/advisories/ZDI-11-176/");
  script_xref(name : "URL" , value : "http://www.zerodayinitiative.com/advisories/ZDI-11-177/");
  script_xref(name : "URL" , value : "http://www.zerodayinitiative.com/advisories/ZDI-11-178/");
  script_xref(name : "URL" , value : "http://www.zerodayinitiative.com/advisories/ZDI-11-179/");
  script_xref(name : "URL" , value : "http://www.zerodayinitiative.com/advisories/ZDI-11-180/");
  script_xref(name : "URL" , value : "http://www.zerodayinitiative.com/advisories/ZDI-11-181/");

  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
  script_category(ACT_GATHER_INFO);
  script_family("Buffer overflow");
  script_dependencies("secpod_novell_prdts_detect_win.nasl");
  script_mandatory_keys("Novell/iPrint/Installed");
  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );
vers = infos['version'];
path = infos['location'];

## Check for Novell iPrint Client Version &lt; 5.64
if( version_is_less( version:vers, test_version:"5.64" ) ) {
  report = report_fixed_ver( installed_version:vers, fixed_version:"5.64", install_path:path );
  security_message( port:0, data:report );
  exit( 0 );
}

exit( 99 );

JSON Vulners Source

Initial Source

{"id": "OPENVAS:801951", "type": "openvas", "bulletinFamily": "scanner", "title": "Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities (Windows)", "description": "The host is installed with Novell iPrint Client and is prone to\n multiple buffer overflow vulnerabilities.", "published": "2011-06-13T00:00:00", "modified": "2017-12-20T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=801951", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://www.zerodayinitiative.com/advisories/ZDI-11-172/", "http://www.zerodayinitiative.com/advisories/ZDI-11-176/", "http://www.zerodayinitiative.com/advisories/ZDI-11-179/", "http://securitytracker.com/id/1025606", "http://www.zerodayinitiative.com/advisories/ZDI-11-181/", "http://www.zerodayinitiative.com/advisories/ZDI-11-173/", "http://www.zerodayinitiative.com/advisories/ZDI-11-177/", "http://www.zerodayinitiative.com/advisories/ZDI-11-180/", "http://www.zerodayinitiative.com/advisories/ZDI-11-175/", "http://www.zerodayinitiative.com/advisories/ZDI-11-178/", "http://www.zerodayinitiative.com/advisories/ZDI-11-174/"], "cvelist": ["CVE-2011-1708", "CVE-2011-1702", "CVE-2011-1706", "CVE-2011-1699", "CVE-2011-1700", "CVE-2011-1704", "CVE-2011-1703", "CVE-2011-1705", "CVE-2011-1707", "CVE-2011-1701"], "lastseen": "2017-12-21T11:43:19", "viewCount": 0, "enchantments": {"score": {"value": 10.1, "vector": "NONE", "modified": "2017-12-21T11:43:19", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["NOVELL_IPRINT_564.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26506", "SECURITYVULNS:DOC:26501", "SECURITYVULNS:VULN:11725", "SECURITYVULNS:DOC:26505", "SECURITYVULNS:DOC:26497", "SECURITYVULNS:DOC:26499", "SECURITYVULNS:DOC:26503", "SECURITYVULNS:DOC:26498", "SECURITYVULNS:DOC:26500", "SECURITYVULNS:DOC:26502"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310801951"]}, {"type": "cve", "idList": ["CVE-2011-1701", "CVE-2011-1707", "CVE-2011-1703", "CVE-2011-1706", "CVE-2011-1702", "CVE-2011-1705", "CVE-2011-1700", "CVE-2011-1704", "CVE-2011-1699", "CVE-2011-1708"]}, {"type": "zdi", "idList": ["ZDI-11-178", "ZDI-11-172", "ZDI-11-174", "ZDI-11-173", "ZDI-11-177", "ZDI-11-180", "ZDI-11-181", "ZDI-11-179", "ZDI-11-176", "ZDI-11-175"]}], "modified": "2017-12-21T11:43:19", "rev": 2}, "vulnersScore": 10.1}, "pluginID": "801951", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_novell_iprint_client_printer_url_mult_bof_vuln_win.nasl 8201 2017-12-20 14:28:50Z cfischer $\n#\n# Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:novell:iprint\";\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code under\n the context of the browser.\n Impact Level: Application\";\ntag_affected = \"Novell iPrint Client version prior to 5.64 on windows.\";\ntag_insight = \"The flaws exist within the 'nipplib' component which is used by both the\n ActiveX and Netscape compatible browser plugins. When handling the various\n parameters from the user specified printer-url the process blindly copies\n user supplied data into a fixed-length buffer on the heap.\";\ntag_solution = \"Upgrade to Novell iPrint Client 5.64 or later,\n For the updates refer, http://download.novell.com/Download?buildid=6_bNby38ERg~\";\ntag_summary = \"The host is installed with Novell iPrint Client and is prone to\n multiple buffer overflow vulnerabilities.\";\n\nif(description)\n{\n script_id(801951);\n script_version(\"$Revision: 8201 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 15:28:50 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-13 15:28:04 +0200 (Mon, 13 Jun 2011)\");\n script_cve_id(\"CVE-2011-1699\", \"CVE-2011-1700\", \"CVE-2011-1701\", \"CVE-2011-1702\",\n \"CVE-2011-1703\", \"CVE-2011-1704\", \"CVE-2011-1705\", \"CVE-2011-1706\",\n \"CVE-2011-1707\", \"CVE-2011-1708\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities (Windows)\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1025606\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-172/\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-173/\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-174/\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-175/\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-176/\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-177/\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-178/\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-179/\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-180/\");\n script_xref(name : \"URL\" , value : \"http://www.zerodayinitiative.com/advisories/ZDI-11-181/\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"secpod_novell_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Novell/iPrint/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\n## Check for Novell iPrint Client Version < 5.64\nif( version_is_less( version:vers, test_version:\"5.64\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"5.64\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "naslFamily": "Buffer overflow"}

{"openvas": [{"lastseen": "2019-05-29T18:39:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1708", "CVE-2011-1702", "CVE-2011-1706", "CVE-2011-1699", "CVE-2011-1700", "CVE-2011-1704", "CVE-2011-1703", "CVE-2011-1705", "CVE-2011-1707", "CVE-2011-1701"], "description": "The host is installed with Novell iPrint Client and is prone to\n multiple buffer overflow vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2011-06-13T00:00:00", "id": "OPENVAS:1361412562310801951", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801951", "type": "openvas", "title": "Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:novell:iprint\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801951\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-06-13 15:28:04 +0200 (Mon, 13 Jun 2011)\");\n script_cve_id(\"CVE-2011-1699\", \"CVE-2011-1700\", \"CVE-2011-1701\", \"CVE-2011-1702\",\n \"CVE-2011-1703\", \"CVE-2011-1704\", \"CVE-2011-1705\", \"CVE-2011-1706\",\n \"CVE-2011-1707\", \"CVE-2011-1708\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities (Windows)\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1025606\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-172/\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-173/\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-174/\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-175/\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-176/\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-177/\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-178/\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-179/\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-180/\");\n script_xref(name:\"URL\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-11-181/\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"secpod_novell_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Novell/iPrint/Installed\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code under\n the context of the browser.\");\n script_tag(name:\"affected\", value:\"Novell iPrint Client version prior to 5.64 on windows.\");\n script_tag(name:\"insight\", value:\"The flaws exist within the 'nipplib' component which is used by both the\n ActiveX and Netscape compatible browser plugins. When handling the various\n parameters from the user specified printer-url the process blindly copies\n user supplied data into a fixed-length buffer on the heap.\");\n script_tag(name:\"solution\", value:\"Upgrade to Novell iPrint Client 5.64 or later.\");\n script_xref(name:\"URL\", value:\"http://download.novell.com/Download?buildid=6_bNby38ERg~\");\n script_tag(name:\"summary\", value:\"The host is installed with Novell iPrint Client and is prone to\n multiple buffer overflow vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif( version_is_less( version:vers, test_version:\"5.64\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"5.64\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:42", "bulletinFamily": "software", "cvelist": ["CVE-2011-1708", "CVE-2011-1702", "CVE-2011-1706", "CVE-2011-1699", "CVE-2011-1700", "CVE-2011-1704", "CVE-2011-1703", "CVE-2011-1705", "CVE-2011-1707", "CVE-2011-1701"], "description": "Code execution via op-printer-list-all-jobs URI handler and cookie, Multiple ActiveX code execution vulnerabilities.", "edition": 1, "modified": "2011-06-11T00:00:00", "published": "2011-06-11T00:00:00", "id": "SECURITYVULNS:VULN:11725", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11725", "title": "Novell iPrint multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1707"], "description": "ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-181\r\n\r\nJune 6, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-1707\r\n\r\n-- CVSS:\r\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\r\n\r\n-- Affected Vendors:\r\nNovell\r\n\r\n-- Affected Products:\r\nNovell iPrint\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11206. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Novell iPrint Client. User interaction is\r\nrequired to exploit this vulnerability in that the target must visit a\r\nmalicious page or open a malicious file.\r\n\r\nThe flaw exists within the nipplib component which is used by both the\r\nActiveX and Netscape compatible browser plugins. When handling the\r\nop-printer-list-all-jobs parameter from the user specified printer-url\r\nthe process blindly copies user supplied data into a fixed-length buffer\r\non the stack. A remote attacker can exploit this vulnerability to\r\nexecute arbitrary code under the context of the browser.\r\n\r\n-- Vendor Response:\r\nNovell states:\r\nThe defect associated has been updated with the following patch(es):\r\nhttp://download.novell.com/Download?buildid=6_bNby38ERg~\r\n\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86-64)\r\nhttp://download.novell.com/Download?buildid=BKCEl4nPhLA~\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86)\r\nhttp://download.novell.com/Download?buildid=E7JKbXS39S8~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86-64)\r\nhttp://download.novell.com/Download?buildid=rOKxHB2JX7c~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86)\r\nhttp://download.novell.com/Download?buildid=DyaFUz6Hx_U~\r\n\r\n\r\n* These patches may be "Field Test Patches" and should be tested first\r\non a staging or test machine before being applied directly to a\r\nproduction system.\r\nIf you have any questions please contact a Customer Service\r\nRepresentative at 1-800-858-4000.\r\n\r\n-- Disclosure Timeline:\r\n2011-04-04 - Vulnerability reported to vendor\r\n2011-06-06 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Ivan Rodriguez Almuina\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi", "edition": 1, "modified": "2011-06-11T00:00:00", "published": "2011-06-11T00:00:00", "id": "SECURITYVULNS:DOC:26497", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26497", "title": "ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1706"], "description": "ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-179\r\n\r\nJune 6, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-1706\r\n\r\n-- CVSS:\r\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\r\n\r\n-- Affected Vendors:\r\nNovell\r\n\r\n-- Affected Products:\r\nNovell iPrint\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11196. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Novell iPrint Client. User interaction is\r\nrequired to exploit this vulnerability in that the target must visit a\r\nmalicious page or open a malicious file.\r\n\r\nThe flaw exists within the nipplib component which is used by both the\r\nActiveX and Netscape compatible browser plugins. When handling the\r\niprint-client-config-info parameter from the user specified printer-url\r\nthe process blindly copies user supplied data into a fixed-length buffer\r\non the stack. A remote attacker can exploit this vulnerability to\r\nexecute arbitrary code under the context of the browser.\r\n\r\n\r\n-- Vendor Response:\r\nNovell states:\r\nThe defect associated has been updated with the following patch(es):\r\nhttp://download.novell.com/Download?buildid=6_bNby38ERg~\r\n\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86-64)\r\nhttp://download.novell.com/Download?buildid=BKCEl4nPhLA~\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86)\r\nhttp://download.novell.com/Download?buildid=E7JKbXS39S8~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86-64)\r\nhttp://download.novell.com/Download?buildid=rOKxHB2JX7c~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86)\r\nhttp://download.novell.com/Download?buildid=DyaFUz6Hx_U~\r\n\r\n\r\n* These patches may be "Field Test Patches" and should be tested first\r\non a staging or test machine before being applied directly to a\r\nproduction system.\r\nIf you have any questions please contact a Customer Service\r\nRepresentative at 1-800-858-4000.\r\n\r\n-- Disclosure Timeline:\r\n2011-03-31 - Vulnerability reported to vendor\r\n2011-06-06 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Ivan Rodriguez Almuina\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi\r\n", "edition": 1, "modified": "2011-06-11T00:00:00", "published": "2011-06-11T00:00:00", "id": "SECURITYVULNS:DOC:26499", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26499", "title": "ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1699"], "description": "ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-172\r\n\r\nJune 6, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-1699\r\n\r\n-- CVSS:\r\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\r\n\r\n-- Affected Vendors:\r\nNovell\r\n\r\n-- Affected Products:\r\nNovell iPrint\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11201. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Novell iPrint Client. User interaction is\r\nrequired to exploit this vulnerability in that the target must visit a\r\nmalicious page or open a malicious file.\r\n\r\nThe flaw exists within the nipplib component which is used by both the\r\nActiveX and Netscape compatible browser plugins. When handling the uri\r\nparameter from the user specified printer-url the process blindly copies\r\nuser supplied data into a fixed-length buffer on the heap. A remote\r\nattacker can exploit this vulnerability to execute arbitrary code under\r\nthe context of the browser.\r\n\r\n-- Vendor Response:\r\nNovell states:\r\nThe defect associated has been updated with the following patch(es):\r\nhttp://download.novell.com/Download?buildid=6_bNby38ERg~\r\n\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86-64)\r\nhttp://download.novell.com/Download?buildid=BKCEl4nPhLA~\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86)\r\nhttp://download.novell.com/Download?buildid=E7JKbXS39S8~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86-64)\r\nhttp://download.novell.com/Download?buildid=rOKxHB2JX7c~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86)\r\nhttp://download.novell.com/Download?buildid=DyaFUz6Hx_U~\r\n\r\n* These patches may be "Field Test Patches" and should be tested first\r\non a staging or test machine before being applied directly to a\r\nproduction system.\r\nIf you have any questions please contact a Customer Service\r\nRepresentative at 1-800-858-4000.\r\n\r\n-- Disclosure Timeline:\r\n2011-01-24 - Vulnerability reported to vendor\r\n2011-06-06 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Ivan Rodriguez Almuina\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi", "edition": 1, "modified": "2011-06-11T00:00:00", "published": "2011-06-11T00:00:00", "id": "SECURITYVULNS:DOC:26506", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26506", "title": "ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1703"], "description": "ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-176\r\n\r\nJune 6, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-1703\r\n\r\n-- CVSS:\r\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\r\n\r\n-- Affected Vendors:\r\nNovell\r\n\r\n-- Affected Products:\r\nNovell iPrint\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11203. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Novell iPrint Client. User interaction is\r\nrequired to exploit this vulnerability in that the target must visit a\r\nmalicious page or open a malicious file.\r\n\r\nThe flaw exists within the nipplib component which is used by both the\r\nActiveX and Netscape compatible browser plugins. When handling the\r\ndriver-version parameter from the user specified printer-url the process\r\nblindly copies user supplied data into a fixed-length buffer on the\r\nheap. A remote attacker can exploit this vulnerability to execute\r\narbitrary code under the context of the browser.\r\n\r\n\r\n-- Vendor Response:\r\nNovell states:\r\nThe defect associated has been updated with the following patch(es):\r\nhttp://download.novell.com/Download?buildid=6_bNby38ERg~\r\n\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86-64)\r\nhttp://download.novell.com/Download?buildid=BKCEl4nPhLA~\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86)\r\nhttp://download.novell.com/Download?buildid=E7JKbXS39S8~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86-64)\r\nhttp://download.novell.com/Download?buildid=rOKxHB2JX7c~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86)\r\nhttp://download.novell.com/Download?buildid=DyaFUz6Hx_U~\r\n\r\n* These patches may be "Field Test Patches" and should be tested first\r\non a staging or test machine before being applied directly to a\r\nproduction system.\r\nIf you have any questions please contact a Customer Service\r\nRepresentative at 1-800-858-4000.\r\n\r\n-- Disclosure Timeline:\r\n2011-04-01 - Vulnerability reported to vendor\r\n2011-06-06 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Ivan Rodriguez Almuina\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi", "edition": 1, "modified": "2011-06-11T00:00:00", "published": "2011-06-11T00:00:00", "id": "SECURITYVULNS:DOC:26502", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26502", "title": "ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1708"], "description": "ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-180\r\n\r\nJune 6, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-1708\r\n\r\n-- CVSS:\r\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\r\n\r\n-- Affected Vendors:\r\nNovell\r\n\r\n-- Affected Products:\r\nNovell iPrint\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11205. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Novell iPrint Client. User interaction is\r\nrequired to exploit this vulnerability in that the target must visit a\r\nmalicious page or open a malicious file.\r\n\r\nThe flaw exists within the nipplib component which is used by both the\r\nActiveX and Netscape compatible browser plugins. When handling the\r\nop-printer-list-all-jobs parameter from the user specified printer-url\r\nthe process blindly copies user supplied data into a fixed-length buffer\r\non the stack. A remote attacker can exploit this vulnerability to\r\nexecute arbitrary code under the context of the browser.\r\n\r\n-- Vendor Response:\r\nNovell states:\r\nThe defect associated has been updated with the following patch(es):\r\nhttp://download.novell.com/Download?buildid=6_bNby38ERg~\r\n\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86-64)\r\nhttp://download.novell.com/Download?buildid=BKCEl4nPhLA~\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86)\r\nhttp://download.novell.com/Download?buildid=E7JKbXS39S8~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86-64)\r\nhttp://download.novell.com/Download?buildid=rOKxHB2JX7c~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86)\r\nhttp://download.novell.com/Download?buildid=DyaFUz6Hx_U~\r\n\r\n* These patches may be "Field Test Patches" and should be tested first\r\non a staging or test machine before being applied directly to a\r\nproduction system.\r\nIf you have any questions please contact a Customer Service\r\nRepresentative at 1-800-858-4000.\r\n\r\n-- Disclosure Timeline:\r\n2011-04-06 - Vulnerability reported to vendor\r\n2011-06-06 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Ivan Rodriguez Almuina\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi", "edition": 1, "modified": "2011-06-11T00:00:00", "published": "2011-06-11T00:00:00", "id": "SECURITYVULNS:DOC:26498", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26498", "title": "ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1700"], "description": "ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-173\r\n\r\nJune 6, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-1700\r\n\r\n-- CVSS:\r\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\r\n\r\n-- Affected Vendors:\r\nNovell\r\n\r\n-- Affected Products:\r\nNovell iPrint\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11200. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Novell iPrint Client. User interaction is\r\nrequired to exploit this vulnerability in that the target must visit a\r\nmalicious page or open a malicious file.\r\n\r\nThe flaw exists within the nipplib component which is used by both the\r\nActiveX and Netscape compatible browser plugins. When handling the\r\nprofile-time parameter from the user specified printer-url the process\r\nblindly copies user supplied data into a fixed-length buffer on the\r\nheap. A remote attacker can exploit this vulnerability to execute\r\narbitrary code under the context of the browser.\r\n\r\n-- Vendor Response:\r\nNovell states:\r\nThe defect associated has been updated with the following patch(es):\r\nhttp://download.novell.com/Download?buildid=6_bNby38ERg~\r\n\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86-64)\r\nhttp://download.novell.com/Download?buildid=BKCEl4nPhLA~\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86)\r\nhttp://download.novell.com/Download?buildid=E7JKbXS39S8~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86-64)\r\nhttp://download.novell.com/Download?buildid=rOKxHB2JX7c~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86)\r\nhttp://download.novell.com/Download?buildid=DyaFUz6Hx_U~\r\n\r\n* These patches may be "Field Test Patches" and should be tested first\r\non a staging or test machine before being applied directly to a\r\nproduction system.\r\nIf you have any questions please contact a Customer Service\r\nRepresentative at 1-800-858-4000.\r\n\r\n-- Disclosure Timeline:\r\n2011-04-01 - Vulnerability reported to vendor\r\n2011-06-06 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Ivan Rodriguez Almuina\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi\r\n", "edition": 1, "modified": "2011-06-11T00:00:00", "published": "2011-06-11T00:00:00", "id": "SECURITYVULNS:DOC:26505", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26505", "title": "ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1705"], "description": "ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-178\r\n\r\nJune 6, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-1705\r\n\r\n-- CVSS:\r\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\r\n\r\n-- Affected Vendors:\r\nNovell\r\n\r\n-- Affected Products:\r\nNovell iPrint\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11195. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Novell iPrint Client. User interaction is\r\nrequired to exploit this vulnerability in that the target must visit a\r\nmalicious page or open a malicious file.\r\n\r\nThe flaw exists within the nipplib component which is used by both the\r\nActiveX and Netscape compatible browser plugins. When handling the\r\nclient-file-name parameter from the user specified printer-url the\r\nprocess blindly copies user supplied data into a fixed-length buffer on\r\nthe heap. A remote attacker can exploit this vulnerability to execute\r\narbitrary code under the context of the browser.\r\n\r\n\r\n-- Vendor Response:\r\nNovell states:\r\nThe defect associated has been updated with the following patch(es):\r\nhttp://download.novell.com/Download?buildid=6_bNby38ERg~\r\n\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86-64)\r\nhttp://download.novell.com/Download?buildid=BKCEl4nPhLA~\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86)\r\nhttp://download.novell.com/Download?buildid=E7JKbXS39S8~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86-64)\r\nhttp://download.novell.com/Download?buildid=rOKxHB2JX7c~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86)\r\nhttp://download.novell.com/Download?buildid=DyaFUz6Hx_U~\r\n\r\n* These patches may be "Field Test Patches" and should be tested first\r\non a staging or test machine before being applied directly to a\r\nproduction system.\r\nIf you have any questions please contact a Customer Service\r\nRepresentative at 1-800-858-4000.\r\n\r\n-- Disclosure Timeline:\r\n2011-04-01 - Vulnerability reported to vendor\r\n2011-06-06 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Ivan Rodriguez Almuina\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi", "edition": 1, "modified": "2011-06-11T00:00:00", "published": "2011-06-11T00:00:00", "id": "SECURITYVULNS:DOC:26500", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26500", "title": "ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1704"], "description": "ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-177\r\n\r\nJune 6, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-1704\r\n\r\n-- CVSS:\r\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\r\n\r\n-- Affected Vendors:\r\nNovell\r\n\r\n-- Affected Products:\r\nNovell iPrint\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11192. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Novell iPrint Client. User interaction is\r\nrequired to exploit this vulnerability in that the target must visit a\r\nmalicious page or open a malicious file.\r\n\r\nThe flaw exists within the nipplib component which is used by both the\r\nActiveX and Netscape compatible browser plugins. When handling the\r\ncore-package parameter from the user specified printer-url the process\r\nblindly copies user supplied data into a fixed-length buffer on the\r\nheap. A remote attacker can exploit this vulnerability to execute\r\narbitrary code under the context of the browser.\r\n\r\n\r\n-- Vendor Response:\r\nNovell states:\r\nThe defect associated has been updated with the following patch(es):\r\nhttp://download.novell.com/Download?buildid=6_bNby38ERg~\r\n\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86-64)\r\nhttp://download.novell.com/Download?buildid=BKCEl4nPhLA~\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86)\r\nhttp://download.novell.com/Download?buildid=E7JKbXS39S8~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86-64)\r\nhttp://download.novell.com/Download?buildid=rOKxHB2JX7c~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86)\r\nhttp://download.novell.com/Download?buildid=DyaFUz6Hx_U~\r\n\r\n* These patches may be "Field Test Patches" and should be tested first\r\non a staging or test machine before being applied directly to a\r\nproduction system.\r\nIf you have any questions please contact a Customer Service\r\nRepresentative at 1-800-858-4000.\r\n\r\n-- Disclosure Timeline:\r\n2011-04-01 - Vulnerability reported to vendor\r\n2011-06-06 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Ivan Rodriguez Almuina\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi", "edition": 1, "modified": "2011-06-11T00:00:00", "published": "2011-06-11T00:00:00", "id": "SECURITYVULNS:DOC:26501", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26501", "title": "ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1702"], "description": "ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-175\r\n\r\nJune 6, 2011\r\n\r\n-- CVE ID:\r\nCVE-2011-1702\r\n\r\n-- CVSS:\r\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\r\n\r\n-- Affected Vendors:\r\nNovell\r\n\r\n-- Affected Products:\r\nNovell iPrint\r\n\r\n-- TippingPoint(TM) IPS Customer Protection:\r\nTippingPoint IPS customers have been protected against this\r\nvulnerability by Digital Vaccine protection filter ID 11202. \r\nFor further product information on the TippingPoint IPS, visit:\r\n\r\n http://www.tippingpoint.com\r\n\r\n-- Vulnerability Details:\r\nThis vulnerability allows remote attackers to execute arbitrary code on\r\nvulnerable installations of Novell iPrint Client. User interaction is\r\nrequired to exploit this vulnerability in that the target must visit a\r\nmalicious page or open a malicious file.\r\n\r\nThe flaw exists within the nipplib component which is used by both the\r\nActiveX and Netscape compatible browser plugins. When handling the\r\nfile-date-time parameter from the user specified printer-url the process\r\nblindly copies user supplied data into a fixed-length buffer on the\r\nheap. A remote attacker can exploit this vulnerability to execute\r\narbitrary code under the context of the browser.\r\n\r\n\r\n-- Vendor Response:\r\nNovell states:\r\nThe defect associated has been updated with the following patch(es):\r\nhttp://download.novell.com/Download?buildid=6_bNby38ERg~\r\n\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86-64)\r\nhttp://download.novell.com/Download?buildid=BKCEl4nPhLA~\r\n\r\niPrint on Open Enterprise Server SP2 (Open Enterprise Server 2.0.2\r\nSupport Pack 2 x86)\r\nhttp://download.novell.com/Download?buildid=E7JKbXS39S8~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86-64)\r\nhttp://download.novell.com/Download?buildid=rOKxHB2JX7c~\r\n\r\niPrint on Open Enterprise Server SP3 (Open Enterprise Server 2.0.3\r\nSupport Pack 3 x86)\r\nhttp://download.novell.com/Download?buildid=DyaFUz6Hx_U~\r\n\r\n* These patches may be "Field Test Patches" and should be tested first\r\non a staging or test machine before being applied directly to a\r\nproduction system.\r\nIf you have any questions please contact a Customer Service\r\nRepresentative at 1-800-858-4000.\r\n\r\n-- Disclosure Timeline:\r\n2011-04-01 - Vulnerability reported to vendor\r\n2011-06-06 - Coordinated public release of advisory\r\n\r\n-- Credit:\r\nThis vulnerability was discovered by:\r\n * Ivan Rodriguez Almuina\r\n\r\n-- About the Zero Day Initiative (ZDI):\r\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \r\na best-of-breed model for rewarding security researchers for responsibly\r\ndisclosing discovered vulnerabilities.\r\n\r\nResearchers interested in getting paid for their security research\r\nthrough the ZDI can find more information and sign-up at:\r\n\r\n http://www.zerodayinitiative.com\r\n\r\nThe ZDI is unique in how the acquired vulnerability information is\r\nused. TippingPoint does not re-sell the vulnerability details or any\r\nexploit code. Instead, upon notifying the affected product vendor,\r\nTippingPoint provides its customers with zero day protection through\r\nits intrusion prevention technology. Explicit details regarding the\r\nspecifics of the vulnerability are not exposed to any parties until\r\nan official vendor patch is publicly available. Furthermore, with the\r\naltruistic aim of helping to secure a broader user base, TippingPoint\r\nprovides this vulnerability information confidentially to security\r\nvendors (including competitors) who have a vulnerability protection or\r\nmitigation product.\r\n\r\nOur vulnerability disclosure policy is available online at:\r\n\r\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\r\n\r\nFollow the ZDI on Twitter:\r\n\r\n http://twitter.com/thezdi", "edition": 1, "modified": "2011-06-11T00:00:00", "published": "2011-06-11T00:00:00", "id": "SECURITYVULNS:DOC:26503", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26503", "title": "ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-01T04:00:35", "description": "The version of Novell iPrint Client installed on the remote host is\nprior to 5.64. It is, therefore, affected by one or more of the\nfollowing vulnerabilities in the nipplib.dll component, as used by\nboth types of browser plugins, that can allow for arbitrary code\nexecution :\n\n - The uri parameter from user specified printer-url is\n not properly handled before passing it to a fixed-length\n buffer on the heap. (ZDI-11-172 / CVE-2011-1699)\n \n - The profile-time parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-173 / CVE-2011-1700)\n\n - The profile-name parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-174 / CVE-2011-1701)\n\n - The file-date-time parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-175 / CVE-2011-1702)\n\n - The driver-version parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-176 / CVE-2011-1703)\n \n - The core-package parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-177 / CVE-2011-1704)\n\n - The client-file-name parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-178 / CVE-2011-1705)\n\n - The iprint-client-config-info parameter from the user \n specified printer-url is not properly handled before \n passing it to a fixed-length buffer on the heap.\n (ZDI-11-179 / CVE-2011-1706)\n\n - The op-printer-list-all-jobs cookie parameter from the\n user specified printer-url is not properly handled\n before passing it to a fixed-length buffer on the heap.\n (ZDI-11-180 / CVE-2011-1708)\n\n - The op-printer-list-all-jobs url parameter from the user\n specified printer-url is not properly handled before\n passing it to a fixed-length buffer on the heap.\n (ZDI-11-181 / CVE-2011-1707)", "edition": 27, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2011-06-07T00:00:00", "title": "Novell iPrint Client < 5.64 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1708", "CVE-2011-1702", "CVE-2011-1706", "CVE-2011-1699", "CVE-2011-1700", "CVE-2011-1704", "CVE-2011-1703", "CVE-2011-1705", "CVE-2011-1707", "CVE-2011-1701"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:novell:iprint"], "id": "NOVELL_IPRINT_564.NASL", "href": "https://www.tenable.com/plugins/nessus/54988", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(54988);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/15 20:50:27\");\n\n script_cve_id(\n \"CVE-2011-1699\",\n \"CVE-2011-1700\",\n \"CVE-2011-1701\",\n \"CVE-2011-1702\",\n \"CVE-2011-1703\",\n \"CVE-2011-1704\",\n \"CVE-2011-1705\",\n \"CVE-2011-1706\",\n \"CVE-2011-1707\",\n \"CVE-2011-1708\"\n );\n script_bugtraq_id(48124);\n script_xref(name:\"Secunia\", value:\"44811\");\n script_xref(name:\"ZDI\", value:\"ZDI-11-172\");\n script_xref(name:\"ZDI\", value:\"ZDI-11-173\");\n script_xref(name:\"ZDI\", value:\"ZDI-11-174\");\n script_xref(name:\"ZDI\", value:\"ZDI-11-175\");\n script_xref(name:\"ZDI\", value:\"ZDI-11-176\");\n script_xref(name:\"ZDI\", value:\"ZDI-11-177\");\n script_xref(name:\"ZDI\", value:\"ZDI-11-178\");\n script_xref(name:\"ZDI\", value:\"ZDI-11-179\");\n script_xref(name:\"ZDI\", value:\"ZDI-11-180\");\n script_xref(name:\"ZDI\", value:\"ZDI-11-181\");\n\n script_name(english:\"Novell iPrint Client < 5.64 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Novell iPrint Client.\");\n \n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The version of Novell iPrint Client installed on the remote host is\nprior to 5.64. It is, therefore, affected by one or more of the\nfollowing vulnerabilities in the nipplib.dll component, as used by\nboth types of browser plugins, that can allow for arbitrary code\nexecution :\n\n - The uri parameter from user specified printer-url is\n not properly handled before passing it to a fixed-length\n buffer on the heap. (ZDI-11-172 / CVE-2011-1699)\n \n - The profile-time parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-173 / CVE-2011-1700)\n\n - The profile-name parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-174 / CVE-2011-1701)\n\n - The file-date-time parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-175 / CVE-2011-1702)\n\n - The driver-version parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-176 / CVE-2011-1703)\n \n - The core-package parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-177 / CVE-2011-1704)\n\n - The client-file-name parameter from the user specified\n printer-url is not properly handled before passing it to\n a fixed-length buffer on the heap.\n (ZDI-11-178 / CVE-2011-1705)\n\n - The iprint-client-config-info parameter from the user \n specified printer-url is not properly handled before \n passing it to a fixed-length buffer on the heap.\n (ZDI-11-179 / CVE-2011-1706)\n\n - The op-printer-list-all-jobs cookie parameter from the\n user specified printer-url is not properly handled\n before passing it to a fixed-length buffer on the heap.\n (ZDI-11-180 / CVE-2011-1708)\n\n - The op-printer-list-all-jobs url parameter from the user\n specified printer-url is not properly handled before\n passing it to a fixed-length buffer on the heap.\n (ZDI-11-181 / CVE-2011-1707)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://download.novell.com/Download?buildid=6_bNby38ERg~\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-172/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-173/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-174/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-175/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-176/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-177/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-178/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-179/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-180/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-11-181/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/518266/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/518267/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/518269/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/518270/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/518271/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/518268/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/518272/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/518273/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/518274/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/518275/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Novell iPrint Client 5.64 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/07\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:novell:iprint\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"novell_iprint_532.nasl\");\n script_require_keys(\"SMB/Novell/iPrint/Version\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nkb_base = \"SMB/Novell/iPrint/\";\n\nversion = get_kb_item_or_exit(kb_base+\"Version\");\nversion_ui = get_kb_item_or_exit(kb_base+\"Version_UI\");\ndll = get_kb_item_or_exit(kb_base+\"DLL\");\n\nfixed_version = \"5.6.4.0\";\nfixed_version_ui = \"5.64\";\n\nif (ver_compare(ver:version, fix:fixed_version) == -1)\n{\n if (report_verbosity > 0)\n {\n path = get_kb_item(kb_base+\"Path\");\n if (isnull(path)) path = 'n/a';\n\n report =\n '\\n File : '+dll+\n '\\n Installed version : '+version_ui+\n '\\n Fixed version : '+fixed_version_ui+'\\n';\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\nelse exit(0, \"The host is not affected since Novell iPrint Client \"+version_ui+\" is installed.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2020-12-09T19:39:06", "description": "Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url.", "edition": 5, "cvss3": {}, "published": "2011-06-09T19:55:00", "title": "CVE-2011-1707", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1707"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/a:novell:iprint:5.04", "cpe:/a:novell:iprint:5.52", "cpe:/a:novell:iprint:4.38", "cpe:/a:novell:iprint:4.36", "cpe:/a:novell:iprint:5.60", "cpe:/a:novell:iprint:5.56", "cpe:/a:novell:iprint:5.20b", "cpe:/a:novell:iprint:4.34", "cpe:/a:novell:iprint:5.30", "cpe:/a:novell:iprint:4.26", "cpe:/a:novell:iprint:5.32", "cpe:/a:novell:iprint:5.12", "cpe:/a:novell:iprint:4.27", "cpe:/a:novell:iprint:5.50", "cpe:/a:novell:iprint:5.44", "cpe:/a:novell:iprint:5.42", "cpe:/a:novell:iprint:4.28", "cpe:/a:novell:iprint:4.32", "cpe:/a:novell:iprint:5.40", "cpe:/a:novell:iprint:4.30"], "id": "CVE-2011-1707", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1707", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:novell:iprint:5.44:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.56:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.42:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.52:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.40:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.60:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url.", "edition": 5, "cvss3": {}, "published": "2011-06-09T19:55:00", "title": "CVE-2011-1706", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1706"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/a:novell:iprint:5.04", "cpe:/a:novell:iprint:5.52", "cpe:/a:novell:iprint:4.38", "cpe:/a:novell:iprint:4.36", "cpe:/a:novell:iprint:5.60", "cpe:/a:novell:iprint:5.56", "cpe:/a:novell:iprint:5.20b", "cpe:/a:novell:iprint:4.34", "cpe:/a:novell:iprint:5.30", "cpe:/a:novell:iprint:4.26", "cpe:/a:novell:iprint:5.32", "cpe:/a:novell:iprint:5.12", "cpe:/a:novell:iprint:4.27", "cpe:/a:novell:iprint:5.50", "cpe:/a:novell:iprint:5.44", "cpe:/a:novell:iprint:5.42", "cpe:/a:novell:iprint:4.28", "cpe:/a:novell:iprint:4.32", "cpe:/a:novell:iprint:5.40", "cpe:/a:novell:iprint:4.30"], "id": "CVE-2011-1706", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1706", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:novell:iprint:5.44:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.56:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.42:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.52:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.40:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.60:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie.", "edition": 5, "cvss3": {}, "published": "2011-06-09T21:55:00", "title": "CVE-2011-1708", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1708"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/a:novell:iprint:5.04", "cpe:/a:novell:iprint:5.52", "cpe:/a:novell:iprint:4.38", "cpe:/a:novell:iprint:4.36", "cpe:/a:novell:iprint:5.60", "cpe:/a:novell:iprint:5.56", "cpe:/a:novell:iprint:5.20b", "cpe:/a:novell:iprint:4.34", "cpe:/a:novell:iprint:5.30", "cpe:/a:novell:iprint:4.26", "cpe:/a:novell:iprint:5.32", "cpe:/a:novell:iprint:5.12", "cpe:/a:novell:iprint:4.27", "cpe:/a:novell:iprint:5.50", "cpe:/a:novell:iprint:5.44", "cpe:/a:novell:iprint:5.42", "cpe:/a:novell:iprint:4.28", "cpe:/a:novell:iprint:4.32", "cpe:/a:novell:iprint:5.40", "cpe:/a:novell:iprint:4.30"], "id": "CVE-2011-1708", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1708", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:novell:iprint:5.44:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.56:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.42:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.52:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.40:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.60:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url.", "edition": 5, "cvss3": {}, "published": "2011-06-09T19:55:00", "title": "CVE-2011-1702", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1702"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/a:novell:iprint:5.04", "cpe:/a:novell:iprint:5.52", "cpe:/a:novell:iprint:4.38", "cpe:/a:novell:iprint:4.36", "cpe:/a:novell:iprint:5.60", "cpe:/a:novell:iprint:5.56", "cpe:/a:novell:iprint:5.20b", "cpe:/a:novell:iprint:4.34", "cpe:/a:novell:iprint:5.30", "cpe:/a:novell:iprint:4.26", "cpe:/a:novell:iprint:5.32", "cpe:/a:novell:iprint:5.12", "cpe:/a:novell:iprint:4.27", "cpe:/a:novell:iprint:5.50", "cpe:/a:novell:iprint:5.44", "cpe:/a:novell:iprint:5.42", "cpe:/a:novell:iprint:4.28", "cpe:/a:novell:iprint:4.32", "cpe:/a:novell:iprint:5.40", "cpe:/a:novell:iprint:4.30"], "id": "CVE-2011-1702", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1702", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:novell:iprint:5.44:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.56:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.42:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.52:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.40:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.60:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url.", "edition": 5, "cvss3": {}, "published": "2011-06-09T19:55:00", "title": "CVE-2011-1699", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1699"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/a:novell:iprint:5.04", "cpe:/a:novell:iprint:5.52", "cpe:/a:novell:iprint:4.38", "cpe:/a:novell:iprint:4.36", "cpe:/a:novell:iprint:5.60", "cpe:/a:novell:iprint:5.56", "cpe:/a:novell:iprint:5.20b", "cpe:/a:novell:iprint:4.34", "cpe:/a:novell:iprint:5.30", "cpe:/a:novell:iprint:4.26", "cpe:/a:novell:iprint:5.32", "cpe:/a:novell:iprint:5.12", "cpe:/a:novell:iprint:4.27", "cpe:/a:novell:iprint:5.50", "cpe:/a:novell:iprint:5.44", "cpe:/a:novell:iprint:5.42", "cpe:/a:novell:iprint:4.28", "cpe:/a:novell:iprint:4.32", "cpe:/a:novell:iprint:5.40", "cpe:/a:novell:iprint:4.30"], "id": "CVE-2011-1699", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1699", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:novell:iprint:5.44:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.56:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.42:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.52:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.40:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.60:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted core-package parameter in a printer-url.", "edition": 5, "cvss3": {}, "published": "2011-06-09T19:55:00", "title": "CVE-2011-1704", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1704"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/a:novell:iprint:5.04", "cpe:/a:novell:iprint:5.52", "cpe:/a:novell:iprint:4.38", "cpe:/a:novell:iprint:4.36", "cpe:/a:novell:iprint:5.60", "cpe:/a:novell:iprint:5.56", "cpe:/a:novell:iprint:5.20b", "cpe:/a:novell:iprint:4.34", "cpe:/a:novell:iprint:5.30", "cpe:/a:novell:iprint:4.26", "cpe:/a:novell:iprint:5.32", "cpe:/a:novell:iprint:5.12", "cpe:/a:novell:iprint:4.27", "cpe:/a:novell:iprint:5.50", "cpe:/a:novell:iprint:5.44", "cpe:/a:novell:iprint:5.42", "cpe:/a:novell:iprint:4.28", "cpe:/a:novell:iprint:4.32", "cpe:/a:novell:iprint:5.40", "cpe:/a:novell:iprint:4.30"], "id": "CVE-2011-1704", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1704", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:novell:iprint:5.44:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.56:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.42:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.52:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.40:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.60:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url.", "edition": 5, "cvss3": {}, "published": "2011-06-09T19:55:00", "title": "CVE-2011-1705", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1705"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/a:novell:iprint:5.04", "cpe:/a:novell:iprint:5.52", "cpe:/a:novell:iprint:4.38", "cpe:/a:novell:iprint:4.36", "cpe:/a:novell:iprint:5.60", "cpe:/a:novell:iprint:5.56", "cpe:/a:novell:iprint:5.20b", "cpe:/a:novell:iprint:4.34", "cpe:/a:novell:iprint:5.30", "cpe:/a:novell:iprint:4.26", "cpe:/a:novell:iprint:5.32", "cpe:/a:novell:iprint:5.12", "cpe:/a:novell:iprint:4.27", "cpe:/a:novell:iprint:5.50", "cpe:/a:novell:iprint:5.44", "cpe:/a:novell:iprint:5.42", "cpe:/a:novell:iprint:4.28", "cpe:/a:novell:iprint:4.32", "cpe:/a:novell:iprint:5.40", "cpe:/a:novell:iprint:4.30"], "id": "CVE-2011-1705", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1705", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:novell:iprint:5.44:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.56:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.42:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.52:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.40:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.60:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url.", "edition": 5, "cvss3": {}, "published": "2011-06-09T19:55:00", "title": "CVE-2011-1700", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1700"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/a:novell:iprint:5.04", "cpe:/a:novell:iprint:5.52", "cpe:/a:novell:iprint:4.38", "cpe:/a:novell:iprint:4.36", "cpe:/a:novell:iprint:5.60", "cpe:/a:novell:iprint:5.56", "cpe:/a:novell:iprint:5.20b", "cpe:/a:novell:iprint:4.34", "cpe:/a:novell:iprint:5.30", "cpe:/a:novell:iprint:4.26", "cpe:/a:novell:iprint:5.32", "cpe:/a:novell:iprint:5.12", "cpe:/a:novell:iprint:4.27", "cpe:/a:novell:iprint:5.50", "cpe:/a:novell:iprint:5.44", "cpe:/a:novell:iprint:5.42", "cpe:/a:novell:iprint:4.28", "cpe:/a:novell:iprint:4.32", "cpe:/a:novell:iprint:5.40", "cpe:/a:novell:iprint:4.30"], "id": "CVE-2011-1700", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1700", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:novell:iprint:5.44:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.56:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.42:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.52:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.40:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.60:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url.", "edition": 5, "cvss3": {}, "published": "2011-06-09T19:55:00", "title": "CVE-2011-1701", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1701"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/a:novell:iprint:5.04", "cpe:/a:novell:iprint:5.52", "cpe:/a:novell:iprint:4.38", "cpe:/a:novell:iprint:4.36", "cpe:/a:novell:iprint:5.60", "cpe:/a:novell:iprint:5.56", "cpe:/a:novell:iprint:5.20b", "cpe:/a:novell:iprint:4.34", "cpe:/a:novell:iprint:5.30", "cpe:/a:novell:iprint:4.26", "cpe:/a:novell:iprint:5.32", "cpe:/a:novell:iprint:5.12", "cpe:/a:novell:iprint:4.27", "cpe:/a:novell:iprint:5.50", "cpe:/a:novell:iprint:5.44", "cpe:/a:novell:iprint:5.42", "cpe:/a:novell:iprint:4.28", "cpe:/a:novell:iprint:4.32", "cpe:/a:novell:iprint:5.40", "cpe:/a:novell:iprint:4.30"], "id": "CVE-2011-1701", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1701", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:novell:iprint:5.44:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.56:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.42:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.52:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.40:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.60:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url.", "edition": 5, "cvss3": {}, "published": "2011-06-09T19:55:00", "title": "CVE-2011-1703", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1703"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/a:novell:iprint:5.04", "cpe:/a:novell:iprint:5.52", "cpe:/a:novell:iprint:4.38", "cpe:/a:novell:iprint:4.36", "cpe:/a:novell:iprint:5.60", "cpe:/a:novell:iprint:5.56", "cpe:/a:novell:iprint:5.20b", "cpe:/a:novell:iprint:4.34", "cpe:/a:novell:iprint:5.30", "cpe:/a:novell:iprint:4.26", "cpe:/a:novell:iprint:5.32", "cpe:/a:novell:iprint:5.12", "cpe:/a:novell:iprint:4.27", "cpe:/a:novell:iprint:5.50", "cpe:/a:novell:iprint:5.44", "cpe:/a:novell:iprint:5.42", "cpe:/a:novell:iprint:4.28", "cpe:/a:novell:iprint:4.32", "cpe:/a:novell:iprint:5.40", "cpe:/a:novell:iprint:4.30"], "id": "CVE-2011-1703", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1703", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:novell:iprint:5.44:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.56:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.42:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.52:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.40:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "cpe:2.3:a:novell:iprint:5.60:*:*:*:*:*:*:*"]}], "zdi": [{"lastseen": "2020-06-22T11:41:54", "bulletinFamily": "info", "cvelist": ["CVE-2011-1707"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the op-printer-list-all-jobs parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-06-06T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-181/", "id": "ZDI-11-181", "title": "Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-22T11:41:01", "bulletinFamily": "info", "cvelist": ["CVE-2011-1706"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the iprint-client-config-info parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-06-06T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-179/", "id": "ZDI-11-179", "title": "Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-22T11:41:45", "bulletinFamily": "info", "cvelist": ["CVE-2011-1699"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the uri parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-06-06T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-172/", "id": "ZDI-11-172", "title": "Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-22T11:41:00", "bulletinFamily": "info", "cvelist": ["CVE-2011-1703"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the driver-version parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-06-06T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-176/", "id": "ZDI-11-176", "title": "Novell iPrint nipplib.dll driver-version Remote Code Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-22T11:40:27", "bulletinFamily": "info", "cvelist": ["CVE-2011-1708"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the op-printer-list-all-jobs parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-06-06T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-180/", "id": "ZDI-11-180", "title": "Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-22T11:39:58", "bulletinFamily": "info", "cvelist": ["CVE-2011-1700"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the profile-time parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-06-06T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-173/", "id": "ZDI-11-173", "title": "Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-22T11:40:30", "bulletinFamily": "info", "cvelist": ["CVE-2011-1705"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the client-file-name parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-06-06T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-178/", "id": "ZDI-11-178", "title": "Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-22T11:41:59", "bulletinFamily": "info", "cvelist": ["CVE-2011-1704"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the core-package parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-06-06T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-177/", "id": "ZDI-11-177", "title": "Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-22T11:40:21", "bulletinFamily": "info", "cvelist": ["CVE-2011-1702"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the file-date-time parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-06-06T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-175/", "id": "ZDI-11-175", "title": "Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-22T11:42:18", "bulletinFamily": "info", "cvelist": ["CVE-2011-1701"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the profile-name parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-06-06T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-174/", "id": "ZDI-11-174", "title": "Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}