Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:3ADA11B071CAB652E27AB8F436A9BF78
HistoryDec 23, 2011 - 12:00 a.m.

Novell iPrint Client ActiveX Control GetDriverSettings Stack Overflow

2011-12-2300:00:00
SAINT Corporation
download.saintcorporation.com
21

0.406 Medium

EPSS

Percentile

97.3%

JSON

Added: 12/23/2011
CVE: CVE-2011-3173
BID: 50367
OSVDB: 76631

Background

Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Client ActiveX control named **ienipp.ocx**.

Problem

A buffer overflow vulnerability in the ActiveX control of Novell iPrint Client versions prior to 5.72 allows command execution when a user loads a web page which calls the GetDriverSettings method with a specially crafted argument. Note that this vulnerability is different than CVE-2010-4321, and affects versions of iPrint that have applied the patch for CVE-2010-4321.

Resolution

Upgrade to iPrint Client 5.72 or later.

References

<http://www.novell.com/support/viewContent.do?externalId=7009676&gt;
<http://www.zerodayinitiative.com/advisories/ZDI-11-309/&gt;

Limitations

This exploit has been tested against Novell iPrint 5.72 and requires a user to load the exploit page in Internet Explorer 7.

Platforms

Windows

Related

saint 7
prion 3
cve 3
nessus 2
cvelist 3
packetstorm 2
openvas 2
nvd 3
zdi 2
securityvulns 2
checkpoint_advisories 1
saint
saint
Novell iPrint Client ActiveX Control GetDriverSettings Stack Overflow
2011-12-23 00:00:00
Novell iPrint Client ActiveX Control GetDriverSettings Stack Overflow
2011-12-23 00:00:00
Novell iPrint Client ActiveX Control GetDriverSettings Stack Overflow
2011-12-23 00:00:00
prion
prion
Stack overflow
2010-12-30 19:00:00
Stack overflow
2011-11-30 04:05:00
Buffer overflow
2012-02-21 13:31:00
cve
cve
CVE-2010-4321
2010-12-30 19:00:04
CVE-2011-3173
2022-10-03 16:15:06
CVE-2011-4187
2022-10-03 16:15:15
nessus
nessus
Novell iPrint Client < 5.56 Multiple Vulnerabilities
2010-12-29 00:00:00
Novell iPrint Client < 5.72 nipplib.dll GetDriverSettings Function Buffer Overflow
2011-10-31 00:00:00
cvelist
cvelist
CVE-2010-4321
2010-12-30 18:00:00
CVE-2011-3173
2022-10-03 16:15:06
CVE-2011-4187
2022-10-03 16:15:15
packetstorm
packetstorm
Novell iPrint 5.52 ActiveX GetDriverSettings() Exploit
2011-01-19 00:00:00
Novell iPrint Client ActiveX Control <= 5.52 Buffer Overflow
2011-03-06 00:00:00
openvas
openvas
Novell iPrint Client 'ienipp.ocx' ActiveX Buffer Overflow Vulnerability
2011-01-03 00:00:00
Novell iPrint Client 'ienipp.ocx' ActiveX Buffer Overflow Vulnerability
2011-01-03 00:00:00
nvd
nvd
CVE-2010-4321
2010-12-30 19:00:04
CVE-2011-3173
2011-11-30 04:05:58
CVE-2011-4187
2012-02-21 13:31:35
zdi
zdi
Novell iPrint Activex GetDriverSettings Remote Code Execution Vulnerability
2010-12-23 00:00:00
Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability
2011-10-26 00:00:00
securityvulns
securityvulns
ZDI-11-309 : Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability
2011-10-31 00:00:00
Novell iPrint buffer overflow
2011-10-31 00:00:00
checkpoint_advisories
checkpoint_advisories
Novell iPrint Client GetDriverSettings Stack Buffer Overflow (CVE-2011-3173)
2010-12-12 00:00:00

0.406 Medium

EPSS

Percentile

97.3%

JSON
Related for SAINT:3ADA11B071CAB652E27AB8F436A9BF78
saint7prion3cve3nessus2cvelist3packetstorm2openvas2nvd3zdi2securityvulns2checkpoint_advisories1