CVE-2008-2431
published 2008-11-26CVE-2008-2431: Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control…
PriorityP354critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
46.33%
98.7th percentile
Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2) GetPrinterURLList or (3) GetPrinterURLList2 method; (4) a long argument to the GetFileList method; a long argument to the (5) GetServerVersion, (6) GetResourceList, or (7) DeleteResource method, related to nipplib.dll; a long uploadPath argument to the (8) UploadPrinterDriver or (9) UploadResource method, related to URIs; (10) a long seventh argument to the UploadResource method; a long string in the (11) second, (12) third, or (13) fourth argument to the GetDriverSettings method, related to the IppGetDriverSettings function in nipplib.dll; or (14) a long eighth argument to the UploadResourceToRMS method.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| novell | iprint | <= 5.04 | — |
| novell | iprint | <= 5.74 | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
| novell | iprint | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-432r-m3pj-m766: The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2011-4185 [CRITICAL] CWE-119 GHSA-432r-m3pj-m766: The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5
The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436.
GHSA
GHSA-65qw-rh6m-rvj5: Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2008-5231 [CRITICAL] CWE-119 GHSA-65qw-rh6m-rvj5: Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp
Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp.ocx in Novell iPrint Client 5.06 and earlier allows remote attackers to execute arbitrary code via a long target-frame option value, a different vulnerability than CVE-2008-2431.
GHSA
GHSA-48j5-7r9f-qmwc: Multiple buffer overflows in Novell iPrint Client before 5
ghsa_unreviewed·2022-05-01
CVE-2008-2431 [HIGH] CWE-119 GHSA-48j5-7r9f-qmwc: Multiple buffer overflows in Novell iPrint Client before 5
Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2) GetPrinterURLList or (3) GetPrinterURLList2 method; (4) a long argument to the GetFileList method; a long argument to the (5) GetServerVersion, (6) GetResourceList, or (7) DeleteResource method, related to nipplib.dll; a long uploadPath argument to the (8) UploadPrinterDriver or (9) UploadResource method, related to URIs; (10) a long seventh argument to the UploadResource method; a long string in the (11) second, (12) third, or (13) fourth argument to the GetDriverSettings method, related to the IppGetDriverSettings function in
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/30667http://secunia.com/secunia_research/2008-27/advisory/http://www.securityfocus.com/bid/30813https://exchange.xforce.ibmcloud.com/vulnerabilities/44616http://secunia.com/advisories/30667http://secunia.com/secunia_research/2008-27/advisory/http://www.securityfocus.com/bid/30813https://exchange.xforce.ibmcloud.com/vulnerabilities/44616
2008-11-26
Published