ZDI-11-106: Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability

ZDI-11-106: Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-106 March 18, 2011 -- CVE ID: CVE-2010-4228 -- CVSS: 9, AV:N/AC:L/Au:S/C:C/I:C/A:C -- Affected Vendors: Novell -- Affected Products: Novell Netware -- TippingPointTM I...

CVE-2010-4228

The CVE-2010-4228 vulnerability affects Novell NetWare’s NWFTPD.NLM (DELE handling) and is a stack-based buffer overflow: user-supplied DELE data is copied into a fixed-length stack buffer, enabling remote code execution under the super user when authenticated. Affected product: NetWare NWFTPD.NL...

Novell Netware 6.5 SP8 Remote Code Execution

Application: Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability Platforms: Novell Netware 6.5 SP8 Exploitation: Remote code execution CVE Number: CVE-2010-4228 Novell TID: 5089510 ZDI: ZDI-11-106 PRL: 2011-05 Author: Francis Provencher Protek Research Lab's Website:...

CVE-2010-4228

creationtimestamp| type| source ---|---|--- 2011-03-21 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/17020...