Lucene search

PRIOn knowledge basePRION:CVE-2010-4227

HistoryFeb 25, 2011 - 7:00 p.m.

Stack overflow

2011-02-2519:00:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.94 High

EPSS

Percentile

99.1%

JSON

The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.

CPENameOperatorVersion
netwareeq6.5
netwareeq6.5 sp1
netwareeq6.5 sp4
netwarele6.5
netwareeq6.5 sp2
netwareeq6.5 sp6
netwareeq6.5 sp3
netwareeq6.5 sp5

Name	Operator	Version
netware	eq	6.5
netware	eq	6.5 sp1
netware	eq	6.5 sp4
netware	le	6.5
netware	eq	6.5 sp2
netware	eq	6.5 sp6
netware	eq	6.5 sp3
netware	eq	6.5 sp5

References

download.novell.com/Download?buildid=1z3z-OsVCiE~

secunia.com/advisories/43431

securityreason.com/securityalert/8104

www.protekresearchlab.com/index.php?option=com_content&view=article&id=24&Itemid=24

www.securityfocus.com/archive/1/516645/100/0/threaded

www.securityfocus.com/bid/46535

www.securitytracker.com/id?1025119

www.vupen.com/english/advisories/2011/0497

www.zerodayinitiative.com/advisories/ZDI-11-090

exchange.xforce.ibmcloud.com/vulnerabilities/65625

www.exploit-db.com/exploits/16234

8.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.94 High

EPSS

Percentile

99.1%

JSON

Related for PRION:CVE-2010-4227