CVSS: 9.3EPSS: 34%CPEs: 20EXPL: 0CVE-2011-1708 – Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1708
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie. Desbordamiento de búfer basado en pila en nipplib.dll de Novell iPrint Client antes de v5.64, permite a atacantes remotos ejecutar código de su elección a través de una cookie manipulada en op-printer-list-all-jobs This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the op-printer-list-all-jobs parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser. • http://download.novell.com/Download?buildid=6_bNby38ERg~ http://secunia.com/advisories/44811 http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008731 http://www.securityfocus.com/archive/1/518274/100/0/threaded http://www.securityfocus.com/bid/48124 http://www.securitytracker.com/id?1025606 http://zerodayinitiative.com/advisories/ZDI-11-180 https://exchange.xforce.ibmcloud.com/vulnerabilities/67882 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 93%CPEs: 2EXPL: 1CVE-2010-4328 – Novell iPrint LPD Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4328
Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 allow remote attackers to execute arbitrary code via unspecified LPR opcodes. Múltiples desbordamientos de búfer basados en pila en opt/novell/iPrint/bin/ipsmd en Novell iPrint para Linux Open Enterprise Server v2 SP2 y SP3 permiten a atacantes remotos ejecutar código de su elección a través de códigos de operación LPR no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Server. Authentication is not required to exploit this vulnerability. The flaw exists within the '/opt/novell/iprint/bin/ipsmd' component this component communicates with 'ilprsrvd' which listens on TCP port 515. When handling multiple LPR opcodes the process blindly copies user supplied data into a fixed-length buffer on the stack. • https://www.exploit-db.com/exploits/16192 http://download.novell.com/Download?buildid=KloKR_CmrBs~ http://osvdb.org/70852 http://secunia.com/advisories/43281 http://securityreason.com/securityalert/8096 http://www.novell.com/support/viewContent.do?externalId=7007858&sliceId=1 http://www.securityfocus.com/archive/1/516506/100/0/threaded http://www.securityfocus.com/bid/46309 http://www.securitytracker.com/id?1025074 http://www.vupen.com/english/advisories/2011/0353 http://ww • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 85%CPEs: 25EXPL: 0CVE-2011-4187 – Novell iPrint Client nipplib.dll GetDriverSettings realm Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-4187
Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173. Desbordamiento de búfer en la función GetDriverSettings en ??nipplib.dll en el cliente de Novell iPrint antes de v5.78 en Windows permite a atacantes remotos ejecutar código de su elección a través de un campo de dominio de largo. Se trata de una vulnerabilidad diferente a CVE-2011-3173. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. • http://www.novell.com/support/viewContent.do?externalId=7008708 http://www.novell.com/support/viewContent.do?externalId=7010143 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 35%CPEs: 1EXPL: 3CVE-2010-4321 – Novell iPrint Activex GetDriverSettings Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4321
Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method. El desbordamiento de búfer en la región stack de la memoria en un control ActiveX en el archivo ienipp.ocx en Novell iPrint Client versión 5.52, permite a los atacantes remotos ejecutar código arbitrario por medio de un argumento largo en (1) el método GetDriverSettings2, según sea accesible por (2 ) el método GetDriverSettings. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the ienipp.ocx component. When handling the exposed method a GetDriverSettings call is made into nipplib! • https://www.exploit-db.com/exploits/16014 https://www.exploit-db.com/exploits/16956 http://securityreason.com/securityalert/8125 http://www.exploit-db.com/exploits/16014 http://www.novell.com/support/viewContent.do?externalId=7007234 http://www.securityfocus.com/bid/44966 http://www.zerodayinitiative.com/advisories/ZDI-10-256 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 14EXPL: 0CVE-2010-3109
https://notcve.org/view.php?id=CVE-2010-3109
Stack-based buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code via a long operation parameter. Un desbordamiento de búfer basado en pila en el complemento del navegador en Novell iPrint Client antes de v5.42 permite a atacantes remotos ejecutar código arbitrario mediante un parámetro operation excesivamente largo. • http://download.novell.com/Download?buildid=ftwZBxEFjIg~ http://www.zerodayinitiative.com/advisories/ZDI-10-140 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12046 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •