Novell NetWare "CIFS.NLM" SMB Request Buffer Overflow Vulnerability
RISK: Medium Risk
A vulnerability has been identified in Novell NetWare, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error in the "CIFS.NLM" driver when processing SMB "Sessions Setup AndX" packets containing an overly long "AccountName" field, which could be exploited by remote unauthenticated attackers to crash an affected system or execute arbitrary code with elevated privileges.
Impact
- Remote Code Execution
System / Technologies affected
- Novell NetWare version 6.5 SP8 and prior
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Apply patch :
http://download.novell.com/Download?buildid=tMWCI1cdI7s~
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with