Novell Client software provides NetWare connectivity to Windows platforms.
**nwspool.dll** library in Novell Client is affected by buffer overflows in the
**OpenPrinter** functions, allowing remote attackers to execute arbitrary commands by sending a specially crafted RPC request to the Spooler service.
**491psp3_nwspool.exe**. Patches are available from Novell.
Exploit works on Novell Client 4.91 SP3 on Windows 2000.