| VID |
28174 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Novell Client software has a buffer overflow vulnerability in the 'nwspool.dll' library. Novell Client for Windows is vulnerable to a buffer overflow attack, caused by improper bounds checking in the Novell Client Print Provider for Windows (nwspool.dll) when processing malformed arguments passed to the "OpenPrinter()" or "EnumPrinters()" functions. By sending specially-crafted RPC requests, a remote attacker could overflow a buffer and execute arbitraty code on the affected system or cause the system to crash.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm
http://www.novell.com/support/search.do?cmd=displayKC&externalId=3125538&sliceId=SAL_Public
http://www.zerodayinitiative.com/advisories/ZDI-06-043.html
http://www.securityfocus.com/archive/1/archive/1/453012/100/0/threaded
http://www.frsirt.com/english/advisories/2006/4631
http://secunia.com/advisories/23027/
* Platforms Affected:
Novell NetWare Client 4.91 versions prior to 4.91 Post-SP3
Microsoft Windows Any version |
| Recommendation |
Install the 491psp3_nwspool.exe patch file, as listed in the Novell Technical Information Document TID2974765 at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm |
| Related URL |
CVE-2006-6114 (CVE) |
| Related URL |
21220 (SecurityFocus) |
| Related URL |
30461 (ISS) |
|
