Computer Security

Novell Netware integer overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Novell Netware integer overflow
Published:24.02.2011
Source:BUGTRAQ
SecurityVulns ID:11458
Type:remote
Level:7/10
Description:Integer overflow on XNFS (UDP/1234) processing.
CVE:CVE-2010-4227 (The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.)
Original documentdocumentZDI, ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability (24.02.2011)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru