Novell iPrint ActiveX control GetDriverFile buffer overflow

2008-09-16T00:00:00
ID SAINT:98EC5383E7D8D38B5A15C94C3F18A4F8
Type saint
Reporter SAINT Corporation
Modified 2008-09-16T00:00:00

Description

Added: 09/16/2008
CVE: CVE-2008-2431
BID: 30813
OSVDB: 51684

Background

Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint ActiveX control named **ienipp.ocx**.

Problem

A buffer overflow vulnerability in the Novell iPrint ActiveX control allows command execution when a user loads a web page which calls the **GetDriverFile** method with specially crafted arguments.

Resolution

Upgrade to Novell iPrint client 5.06 or higher.

References

<http://secunia.com/secunia_research/2008-27/advisory/>

Limitations

Exploit works on Novell iPrint Client 4.36.00 and requires a user to open the exploit page in Internet Explorer.

Platforms

Windows