Test ID:	1.3.6.1.4.1.25623.1.0.801951
Category:	Buffer overflow
Title:	Novell iPrint Client 'printer-url' Multiple BOF Vulnerabilities - Windows
Summary:	Novell iPrint Client is prone to multiple buffer overflow vulnerabilities.
Description:	Summary: Novell iPrint Client is prone to multiple buffer overflow vulnerabilities. Vulnerability Insight: The flaws exist within the 'nipplib' component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the various parameters from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code under the context of the browser. Affected Software/OS: Novell iPrint Client version prior to 5.64 on windows. Solution: Upgrade to Novell iPrint Client 5.64 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1699 BugTraq ID: 48124 http://www.securityfocus.com/bid/48124 Bugtraq: 20110606 ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518266/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-172/ http://www.securitytracker.com/id?1025606 http://secunia.com/advisories/44811 Common Vulnerability Exposure (CVE) ID: CVE-2011-1700 Bugtraq: 20110606 ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518267/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-173/ Common Vulnerability Exposure (CVE) ID: CVE-2011-1701 Bugtraq: 20110606 ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518269/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-174/ XForce ISS Database: novell-iprint-profilename-bo(67876) https://exchange.xforce.ibmcloud.com/vulnerabilities/67876 Common Vulnerability Exposure (CVE) ID: CVE-2011-1702 Bugtraq: 20110606 ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518270/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-175/ XForce ISS Database: novell-iprint-filedatetime-bo(67877) https://exchange.xforce.ibmcloud.com/vulnerabilities/67877 Common Vulnerability Exposure (CVE) ID: CVE-2011-1703 Bugtraq: 20110606 ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518271/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-176/ XForce ISS Database: novell-iprint-driverversion-bo(67878) https://exchange.xforce.ibmcloud.com/vulnerabilities/67878 Common Vulnerability Exposure (CVE) ID: CVE-2011-1704 Bugtraq: 20110606 ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518268/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-177/ XForce ISS Database: novell-iprint-corepackage-bo(67879) https://exchange.xforce.ibmcloud.com/vulnerabilities/67879 Common Vulnerability Exposure (CVE) ID: CVE-2011-1705 Bugtraq: 20110606 ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518272/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-178/ XForce ISS Database: novell-iprint-clientfilename-bo(67880) https://exchange.xforce.ibmcloud.com/vulnerabilities/67880 Common Vulnerability Exposure (CVE) ID: CVE-2011-1706 Bugtraq: 20110606 ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518273/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-179/ XForce ISS Database: novell-iprint-iprintclientconfiginfo-bo(67881) https://exchange.xforce.ibmcloud.com/vulnerabilities/67881 Common Vulnerability Exposure (CVE) ID: CVE-2011-1707 Bugtraq: 20110606 ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518275/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-181/ XForce ISS Database: novell-iprint-opprinterlistalljobs-bo(67883) https://exchange.xforce.ibmcloud.com/vulnerabilities/67883 Common Vulnerability Exposure (CVE) ID: CVE-2011-1708 Bugtraq: 20110606 ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518274/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-11-180/ XForce ISS Database: novell-iprint-opprinterlistalljobs-cookie-bo(67882) https://exchange.xforce.ibmcloud.com/vulnerabilities/67882
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.