Novell File Reporter NFRAgent.exe VOL tag buffer overflow

2012-10-12T00:00:00
ID SAINT:ACC2621671845CCE1AAB759138C5B9A6
Type saint
Reporter SAINT Corporation
Modified 2012-10-12T00:00:00

Description

Added: 10/12/2012
BID: 55268
OSVDB: 85503

Background

Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist.

Problem

A buffer overflow vulnerability when parsing tags inside the VOL element allows a remote, unauthenticated attacker to execute arbitrary commands with SYSTEM privileges.

Resolution

Restrict access to port 3037/tcp.

References

<http://www.zerodayinitiative.com/advisories/ZDI-12-167/>

Limitations

Exploit works on Novell File Reporter 1.0.1.1.

This exploit requires the Digest::MD5 and IO::Socket::SSL PERL modules.

Platforms

Windows XP