Buffer Overflow Vulnerability in Novell Open Enterprise Server 2
CVE-2011-3173

Currently unrated

Key Information:

Vendor: Novell
Status: Iprint Open Enterprise Server 2
Vendor: CVE Published:; 30 November 2011

Summary

A buffer overflow issue exists in the GetDriverSettings function within nipplib.dll of the iPrint client for Novell Open Enterprise Server 2 SP3. This vulnerability can be exploited by remote attackers to execute arbitrary code by sending specially crafted input, specifically a long hostname or port field. Successful exploitation may allow attackers to gain unauthorized control over affected systems, emphasizing the importance of timely updates and security measures.

References

http://support.novell.com/docs/Readmes/InfoDocument/patch...

x_refsource_CONFIRM

https://bugzilla.novell.com/show_bug.cgi?id=707730

x_refsource_CONFIRM

http://www.zerodayinitiative.com/advisories/ZDI-11-309/

x_refsource_MISC

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 30, 2011