Security Vulnerability - Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability
This document (7010084) is provided subject to the disclaimer at the end of this document.
Environment
Novell iPrint for Linux Open Enterprise Server Support Pack 3
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Situation
Security Vulnerability - Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability. This is a simple buffer overflow issue.
Resolution
This security vulnerability is resolved in the post OES2 SP3 patch 7885, available here:
for x86_64:
http://download.novell.com/Download?buildid=yIR7hdR-ywY~
for x86:
http://download.novell.com/Download?buildid=sr-Gtey7LG0~
for x86_64:
http://download.novell.com/Download?buildid=yIR7hdR-ywY~
for x86:
http://download.novell.com/Download?buildid=sr-Gtey7LG0~
Status
Security AlertAdditional Information
ZDI-CAN-1354: Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability. This vulnerability was found by G. Geshev, working with TippingPoint's Zero Day Initiative. CVE-2011-4194
Disclaimer
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7010084
- Creation Date:31-JAN-12
- Modified Date:27-APR-12
- NovelliPrintOpen Enterprise Server
Did this document solve your problem? Provide Feedback