Skip to main content

Novell NetWare XNFS.NLM "xdrDecodeString()" Buffer Overflow Vulnerability

Last Update Date: 25 Nov 2011 10:01 Release Date: 25 Nov 2011 5324 Views

RISK: Medium Risk

TYPE: Operating Systems - Others OS

TYPE: Others OS

A vulnerability has been identified in Novell NetWare, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error within the "xdrDecodeString()" function in XNFS.NLM when processing certain NFS requests. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted datagram.

Successful exploitation may allow execution of arbitrary code.


Impact

  • Remote Code Execution

System / Technologies affected

  • Novell Netware 6.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply security fix xnfs8d.zip

Vulnerability Identifier


Source


Related Link