CVE-2010-4328

Related Files

Novell Iprint LPD Remote Code Execution

Posted Feb 19, 2011

Authored by Francis Provencher

Novell Iprint LPD remote code execution exploit.

tags | exploit, remote, code execution

advisories | CVE-2010-4328

SHA-256 | ae058abd9f7bac1e4a5b8fbb2d5aed21a602a517a2bb70ef19c5bca552bb9b15

Download | Favorite | View

Zero Day Initiative Advisory 11-087

Posted Feb 17, 2011

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-087 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Server. Authentication is not required to exploit this vulnerability. The flaw exists within the '/opt/novell/iprint/bin/ipsmd' component this component communicates with 'ilprsrvd' which listens on TCP port 515. When handling multiple LPR opcodes the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the iprint user.

tags | advisory, remote, arbitrary, tcp

advisories | CVE-2010-4328

SHA-256 | d7e0117a956cd472bee18fe8352467a732e437b089cf3146bcd59c8a6c723556

Download | Favorite | View