Skip to main content

Novell iPrint Client "GetDriverSettings()" Buffer Overflow Vulnerability

Last Update Date: 28 Oct 2011 14:59 Release Date: 28 Oct 2011 5715 Views

RISK: Medium Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

A vulnerability has been identifited in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the "GetDriverSettings()" function in nipplib.dll. This can be exploited to cause a stack-based buffer overflow via overly long "hostname" and "port" parameters.

Successful exploitation may allow execution of arbitrary code.


Impact

  • Remote Code Execution

System / Technologies affected

  • Novell iPrint Client 5.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 5.72.

Vulnerability Identifier


Source


Related Link