Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist.
A buffer overflow vulnerability when parsing tags inside the VOL element allows a remote, unauthenticated attacker to execute arbitrary commands with SYSTEM privileges.
Restrict access to port 3037/tcp.
Exploit works on Novell File Reporter 22.214.171.124.
This exploit requires the Digest::MD5 and IO::Socket::SSL PERL modules.