10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.794 High
EPSS
Percentile
98.3%
Added: 08/10/2007
CVE: CVE-2007-6701
BID: 25092
OSVDB: 37319
Novell Client software provides NetWare connectivity to Windows platforms.
The **nwspool.dll**
library in Novell Client is affected by buffer overflow vulnerabilities in several different functions, allowing remote attackers to execute arbitrary commands by sending a specially crafted RPC request to the Spooler service.
Install the Novell Client 4.91 Post-SP4 nwspool.dll.
<http://www.zerodayinitiative.com/advisories/ZDI-07-045.html>
Exploit works on Novell Client for Windows 4.91 SP4.
For Windows Server 2003 targets, a shared printer must be configured before running the exploit, and valid user credentials with Administrator privileges must be provided.
The Crypt::DES, Digest::MD4, and Digest::MD5 packages are required for performing Windows authentication, which is a requirement for successful exploitation on Windows Server 2003. These packages are available from <http://cpan.org/modules/by-module/>.
Windows