VID |
28177 |
Severity |
30 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
The Novell Client software has an unauthorized access vulnerability in the 'nwgina.dll' library. The file 'nwgina.dll' in Novell Client for Windows version 4.91 SP3 and earlier versions does not delete user profiles during a Terminal Service or Citrix session, which could allow a remote authenticated attacker to invoke alternate user profiles. A remote authenticated attacker could exploit this vulnerability to bypass security restrictions and gain unauthorized access with the permissions of another user.
* Note: This check requires an account with administrative privileges that can log in to the host being scanned. If these conditions are not met, the check is not performed and all vulnerable hosts are reported as False Negatives.
* References:
  http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm
  http://www.frsirt.com/english/advisories/2007/0064
  http://securitytracker.com/alerts/2007/Jan/1017471.html
  http://secunia.com/advisories/23619/
* Platforms Affected: Novell Client for Windows version 4.91 SP3 and earlier versions; Microsoft Windows Any version |
Recommendation |
Install the 491psp3_nwgina.exe patch file, as listed in the Novell Technical Information Document TID2974970 at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm |
Related URL |
CVE-2007-0108 (CVE) |
Related URL |
21886 (SecurityFocus) |
Related URL |
31343 (ISS) |
|