This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing a specially crafted date/time string via certain parameters to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
d7a900baf7b2a1781f51cf39aaa60a9ff5c046184121c6bec715419a7d4484f4Secunia Research has discovered a vulnerability in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the parsing of certain time information and can be exploited to cause a stack-based buffer overflow via overly long strings passed to certain parameters and methods. Successful exploitation allows execution of arbitrary code when a user e.g. views a malicious web page.
eda12f9edd3a280e8c371650a98aa6cb2763e17eee0ae0743c3b314aac748bbf
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed