Lucene search

[email protected]CVE-2010-4227

HistoryFeb 25, 2011 - 7:00 p.m.

CVE-2010-4227

2011-02-2519:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-4227

xnfs.nlm

novell netware 6.5

sp8

remote attackers

denial of service

execute arbitrary code

nfs

rpc

udp 1234

buffer overflow

8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.94 High

EPSS

Percentile

99.1%

JSON

The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.

CPENameOperatorVersion
novell:netwarenovell netwareeq6.5

CPE	Name	Operator	Version
novell:netware	novell netware	eq	6.5

References

download.novell.com/Download?buildid=1z3z-OsVCiE~

secunia.com/advisories/43431

securityreason.com/securityalert/8104

www.exploit-db.com/exploits/16234

www.protekresearchlab.com/index.php?option=com_content&view=article&id=24&Itemid=24

www.securityfocus.com/archive/1/516645/100/0/threaded

www.securityfocus.com/bid/46535

www.securitytracker.com/id?1025119

www.vupen.com/english/advisories/2011/0497

www.zerodayinitiative.com/advisories/ZDI-11-090

exchange.xforce.ibmcloud.com/vulnerabilities/65625

8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.94 High

EPSS

Percentile

99.1%

JSON

Related for CVE-2010-4227

checkpoint_advisories1 zdi1 securityvulns2 packetstorm1 prion1