Security Vulnerability - Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability

  • 7010084
  • 31-Jan-2012
  • 27-Apr-2012

Environment

Novell iPrint for Linux Open Enterprise Server Support Pack 3
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3

Situation

Security Vulnerability - Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability. This is a simple buffer overflow issue.

Resolution

This security vulnerability is resolved in the post OES2 SP3 patch 7885, available here:

for x86_64:
https://download.novell.com/Download?buildid=yIR7hdR-ywY~
 
for x86:
https://download.novell.com/Download?buildid=sr-Gtey7LG0~

Status

Security Alert

Additional Information

ZDI-CAN-1354: Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability. This vulnerability was found by G. Geshev, working with TippingPoint's Zero Day Initiative. CVE-2011-4194