Novell NetWare XNFS.NLM Remote Denial Of Service Vulnerability
TITLE: Novell NetWare XNFS.NLM Remote Denial Of Service Vulnerability
CLASS: Boundary Condition Error
CVE: CVE-2007-3207
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 15 2007 12:00AM
UPDATE: Jun 15 2007 12:00AM
CREDIT: The vendor disclosed this issue.
VULNERABLE:
Novell Netware 6.5 SP6NOT VULNERABLE:
Vai alla pagina originale su Security Focus
Discussion
Novell NetWare is prone to a remote denial-of-service vulnerability because of inadequate boundary checks.
A remote attacker can exploit this issue to deny access to legitimate users and possibly to execute code, but this has not been confirmed.
NetWare 6.5 SP6 is vulnerable; other versions may also be affected.
Exploit
An attacker can exploit this issue via a NetWare client.
Solution
Solution:
The vendor has released a fix to address this issue. Please see the references for more information.
Novell Netware 6.5 SP6
- Novell xnfs6a.zip
MD5 dc6a813c249d16a94ac42c6f2197d209
http://download.novell.com/sendredirect?target=%2Ffree%2F8XdJVBDYifk%7E%2Fxnfs6a.zip&buildid=8XdJVBDYifk~&fileid=QSEKQSA8zG8~&mirror=AkamaiHost
References
References:
- Novell Homepage (Novell)
- XNFS Abend in rpcWorkerThread if nfs mount is attempted with long path (Novell)