| The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them. |
|
 |
|
|
|
vulnerability bulletin CVE-2011-4194
Novell Open Enterprise Server: buffer overflow via iPrint
Synthesis of the vulnerability
| A remote attacker can generate a buffer overflow in Novell iPrint Server, in order to execute code. |
Severity: 3/4.
Creation date: 02/02/2012.
|
Impacted products
Description of the vulnerability
The IPP (Internet Printing Protocol) protocol is used to remotely manage printers.
The IPP Print-Job and Create-Job operations print a file, or create a print job. A Print-Job or Create-Job query can have attributes:
- attributes-charset
- attributes-natural-language
- printer-uri
- etc.
However, if an IPP query uses a long "attributes-natural-language" attribute, an overflow occurs in Novell iPrint Server.
A remote attacker can therefore generate a buffer overflow in Novell iPrint Server, in order to execute code. |
Share this bulletin
Complete Vigil@nce bulletin
Characteristics
Title: Novell Open Enterprise Server: buffer overflow via iPrint.
Keywords: Create-Job Enterprise IPP Internet Novell Open Print-Job Printing Protocol Server buffer iPrint overflow.
Identifiers: 7010084, BID-51791, CVE-2011-4194, VIGILANCE-VUL-11338, ZDI-12-031.
|
Information sources
Solutions for this vulnerability
Computer vulnerabilities tracking service
Vigil@nce provides a systems vulnerabilities watch. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The technology watch team tracks security threats targeting the computer system.
|
