SAINT CorporationSAINT:E7117908DD35DFC181D90450147D3D97Novell File Reporter Agent XML Parser Buffer Overflow
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.87 High
EPSS
Percentile
98.7%
Added: 05/16/2011
CVE: CVE-2011-0994
BID: 47144
OSVDB: 71980
Background
Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist.
Problem
A stack overflow vulnerability exists in the agent process (NFRAgent.exe) of Novell File Reporter versions prior to 1.0.2. A remote attacker may send a malicious XML request to execute arbitrary code on the host.
Resolution
Upgrade to Novell File Reporter 1.0.2 or higher.
References
<http://download.novell.com/Download?buildid=rCAgCcbPH9s~>
<http://www.zerodayinitiative.com/advisories/ZDI-11-116/>
Limitations
This exploit has been tested against Novell File Reporter 1.0.1.1 running in Microsoft Windows Server 2003 SP2 English (DEP AlwaysOff) and Microsoft Windows XP SP3 English (DEP OptIn). This exploit requires the IO::Socket::SSL PERL module.
Platforms
Windows Server 2003
Windows XP
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.87 High
EPSS
Percentile
98.7%