Novell iPrint Client GetDriverSettings Buffer Overflow Vulnerability

Release date:
Updated on:

Affected Systems:
Novell iPrint Client for Windows 5.77
Novell iPrint Client for Windows 5.76
Novell iPrint Client for Windows 5.75
Novell iPrint Client for Windows 5.74
Novell iPrint Client for Windows 5.73
Novell iPrint Client for Windows 5.72
Novell iPrint Client for Windows 5.64
Novell iPrint Client for Windows 5.56
Novell iPrint Client for Windows 5.52
Novell iPrint Client for Windows 5.44
Novell iPrint Client for Windows 5.32
Novell iPrint Client for Windows 5.30
Novell iPrint Client for Windows 5.08
Novell iPrint Client for Windows 5.06
Novell iPrint Client for Windows 5.04
Novell iPrint Client for Windows 4.38
Novell iPrint Client for Windows 4.36
Novell iPrint Client for Windows 4.34
Unaffected system:
Novell iPrint Client for Windows 5.78
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51926
CVE (CAN) ID: CVE-2011-4187

Novell iPrint is the print solution.

On Windows, the GetDriverSettings function of earlier than Novell iPrint Client 5.78 has a buffer overflow vulnerability. Through ultra-long realm fields, arbitrary code can be remotely executed.

<* Source: gwslabs.com
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Novell
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://support.novell.com/security-alerts