Vulnerability Name:

CVE-2008-2436 (CCN-44853)

Assigned:2008-09-03
Published:2008-09-03
Updated:2018-10-11
Summary:Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPrint Client 4.x before 4.38 and 5.x before 5.08 allow remote attackers to execute arbitrary code via a long argument to the (1) GetPrinterURLList, (2) GetPrinterURLList2, or (3) GetFileList2 function in the Novell iPrint ActiveX control in ienipp.ocx.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availibility (A): 
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Athentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availibility (A): 
Vulnerability Type:CWE-94
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2008-2436

Source: CCN
Type: Novell Downloads Web site
Novell iPrint Client for Windows 4.38

Source: CCN
Type: SA31370
Novell iPrint Client nipplib.dll "IppCreateServerRef()" Buffer Overflow

Source: SECUNIA
Type: Patch, Vendor Advisory
31370

Source: MISC
Type: Vendor Advisory
http://secunia.com/secunia_research/2008-33/advisory

Source: CCN
Type: Secunia Research 03/09/2008
Novell iPrint Client nipplib.dll "IppCreateServerRef()" Buffer Overflow

Source: SREASON
Type: UNKNOWN
4228

Source: CCN
Type: SECTRACK ID: 1020806
Novell iPrint Buffer Overflow in ActiveX Control IppCreateServerRef() Function Lets Remote Users Execute Arbitrary Code

Source: BUGTRAQ
Type: UNKNOWN
20080903 Secunia Research: Novell iPrint Client nipplib.dll "IppCreateServerRef()" Buffer Overflow

Source: BID
Type: UNKNOWN
30986

Source: CCN
Type: BID-30986
Novell iPrint Client 'IppCreateServerRef()' Remote Buffer Overflow Vulnerability

Source: SECTRACK
Type: UNKNOWN
1020806

Source: VUPEN
Type: UNKNOWN
ADV-2008-2481

Source: XF
Type: UNKNOWN
novell-iprint-ippcreateserverref-bo(44853)

Source: XF
Type: UNKNOWN
novell-iprint-ippcreateserverref-bo(44853)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:novell:iprint_client:4.26:*:windows:*:*:*:*:*
  • OR cpe:/a:novell:iprint_client:4.32:*:windows:*:*:*:*:*
  • OR cpe:/a:novell:iprint_client:4.35:*:windows:*:*:*:*:*
  • OR cpe:/a:novell:iprint_client:4.36:*:windows:*:*:*:*:*
  • OR cpe:/a:novell:iprint_client:5.06:*:vista:*:*:*:*:*

  • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2008-2436 (CCN-46051)

    Assigned:2008-09-03
    Published:2008-09-03
    Updated:2008-09-03
    Summary:The Novell iPrint ActiveX control (ienipp.ocx) is vulnerable to multiple buffer overflows. By persuading a victim to visit a specially-crafted Web page that uses one of several vulnerable methods, a remote attacker could overlow a buffer and execute aribtrary code on the system with the privileges of the user or cause the victim's browser to crash.
    CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Changed
    Impact Metrics:Confidentiality (C): High
    Integrity (I): High
    Availibility (A): High
    CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
    6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availibility (A): 
    9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
    6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Athentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availibility (A): 
    Vulnerability Consequences:Gain Access
    References:Source: MITRE
    Type: CNA
    CVE-2008-0935

    Source: MITRE
    Type: CNA
    CVE-2008-2431

    Source: MITRE
    Type: CNA
    CVE-2008-2436

    Source: CCN
    Type: IBM Internet Security Systems X-Force Database
    Novell iPrint ActiveX control GetDriverFile() buffer overflow

    Source: XF
    Type: UNKNOWN
    novell-iprint-multiple-bo(46051)

    Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:novell:iprint_client:4.35:*:*:*:*:*:*:*
  • OR cpe:/a:novell:iprint_client:4.36:*:*:*:*:*:*:*
  • OR cpe:/a:novell:iprint_client:4.26:*:*:*:*:*:*:*
  • OR cpe:/a:novell:iprint_client:4.32:*:*:*:*:*:*:*
  • OR cpe:/a:novell:iprint_client:5.06:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    novell iprint client 4.26
    novell iprint client 4.32
    novell iprint client 4.35
    novell iprint client 4.36
    novell iprint client 5.06
    novell iprint client 4.35
    novell iprint client 4.36
    novell iprint client 4.26
    novell iprint client 4.32
    novell iprint client 5.06