Update Protection against Novell iPrint Client Remote File Deletion Vulnerability
| Check Point Reference: | CPAI-2010-399 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA40782 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Novell iPrint Client for Windows prior to 5.42 | ||
| Vulnerability Description A design weakness exists in Novell iPrint web client. Novell iPrint Client is an application that allows users to install and manage printers, or submit print jobs from remote locations using a web browser. The application allows printer driver download and installation, browser-enabled printer interface, and customizable user interface among other capabilities. An attacker might exploit this vulnerability to create a denial of service condition or to remove files from the user's system. |
||
|
Update/Patch Available Apply patches: Novell |
|
|
Vulnerability Details The vulnerability is due to a design error in nipplib.dll which is called by the ActiveX control, ienipp.ocx. The input parameter is not sufficiently verified, allowing an attacker the ability to delete arbitrary files. A remote attacker can exploit this vulnerability by enticing a user to access a malicious website. This can lead to removal of all the files on a user's system rendering the system non bootable and causing a denial of service condition. |
Protection Overview
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection taband select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.