Computer Security
[EN] securityvulns.ru no-pyccku


Novell Netware integer overflow
Published:24.02.2011
Source:
SecurityVulns ID:11458
Type:remote
Threat Level:
7/10
Description:Integer overflow on XNFS (UDP/1234) processing.
CVE:CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.)
Original documentdocumentZDI, ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability (24.02.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod