This Metasploit module exploits a stack-based buffer overflow in Novell iPrint Client 5.42. When sending an overly long string to the 'call-back-url' parameter in an op-client-interface-version action of ienipp.ocx an attacker may be able to execute arbitrary code.
7cbaaf11994cc2aa297944de64087d82388e708d5b6a96ed7191080f1ca223d0
Month Of Abysssec Undisclosed Bugs - The Novell iPrint client browser plug-in suffers from a call-back-url stack overflow vulnerability.
e15b9acc21994f9d9078a6c4f417a49e8c9ca6b35628c7a53132a3f28eefa1bb
Month Of Abysssec Undisclosed Bugs - The Novell iPrint client browser plug-in suffers from a call-back-url stack overflow vulnerability.
492724e2055b09e968ab3bcf3c41de7e0dd7cea71e696ab9a8c9f6d61fd434f3
Secunia Research has discovered a vulnerability in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the handling of the "call-back-url" parameter value for a "op-client-interface-version" operation where the "result-type" parameter is set to "url". This can be exploited to cause a stack-based buffer overflow via an overly long "call-back-url" parameter value. Successful exploitation allows execution of arbitrary code when a user visits a malicious website. Version 5.42 is affected.
86ec5434f28f41769e1ad6322513f98a99f533295cafe1d92ffb54acee744c55