CVE-2008-1701

Novell NetWare 6.5 allows attackers to cause a denial of service ABEND via a crafted Macintosh iPrint client request...

CVE-2008-1701

Novell NetWare 6.5 is affected. The vulnerability allows an attacker to cause a denial of service (ABEND) by sending a crafted Macintosh iPrint client request. The issue appears to be triggered via iPrint client interactions, with CVSS metrics indicating a network-vector, low complexity, no authe...

Novell客户端nwspool.dll EnumPrinters RPC请求远程栈溢出漏洞

BUGTRAQ ID: 27741 CVECAN ID: CVE-2008-0639 Novell Client是允许NetWare连接到Windows的工作站软件。 Novell Client的Spooler服务（nwspool.dll）负责处理通过spoolss命名管道所提交的RPC请求，该DLL所暴露的EnumPrinters函数存在逻辑错误，允许远程攻击者通过提交恶意的RPC请求触发栈溢出，导致执行任意指令。 出现这个漏洞是由于没有正确地修复CVE-2007-6701漏洞。 Novell Client 4.91 SP4 Novell Client 4.91 SP3 Novell...

Immunity Canvas: NWSPOOL_C

Name| nwspoolc ---|--- CVE| CVE-2008-0639 Exploit Pack| CANVAS Description| Novell Netware Client for Windows Notes| CVE Name: CVE-2008-0639 VENDOR: Novell Notes: Use the setthreadtoken module to revert back to LocalSystem once the exploitation is successful Platforms Tested: References:...

Novell Netware Client buffer overflow

NWSPOOL.DLL EnumPrinters buffer overflow...

Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Novell Netware Client. Authentication is not required to exploit this vulnerability. The specific flaw exists in nwspool.dll which is responsible for handling RPC requests through...

Novell NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow

This module exploits a stack buffer overflow in the NetWare CIFS.NLM driver. Since the driver runs in the kernel space, a failed exploit attempt can cause the OS to reboot. This module requires Metasploit: https://metasploit.com/download Current source:...

NetWare Command Shell, Reverse TCP Stager

Connect to the NetWare console staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasm' module MetasploitModule CachedSize = 281 include Msf::Payload::Stager include...

iDefense Security Advisory 01.09.08: Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability

iDefense Security Advisory 01.09.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 09, 2008 I. BACKGROUND The Novell Client software provides a workstation with access to Novell NetWare networks as well as Novell Open Enterprise Server OES services. Novell Clients can access the full...

Novell Netware Client privilege escalation

.nicm device allows memory manipulation in kernel context...

Code injection

NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \.\nicm device and providing crafted kernel addresses via IOCTLs with the METHODNEITHER buffering mode...

CVE-2007-5762

NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \.\nicm device and providing crafted kernel addresses via IOCTLs with the METHODNEITHER buffering mode...

CVE-2007-5762

NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \.\nicm device and providing crafted kernel addresses via IOCTLs with the METHODNEITHER buffering mode...

CVE-2007-5762

CVE-2007-5762 affects the NICM.SYS driver (3.0.0.4) used by Novell NetWare Client 4.91 SP4. The vulnerability allows local users to escalate privileges to kernel mode by opening the .icm device and sending crafted IOCTLs with METHOD_NEITHER, passing kernel addresses as arguments. The issue arises...

Novell Client for Windows NWFILTER.SYS驱动本地权限提升漏洞

BUGTRAQ ID: 26420 CVECAN ID: CVE-2007-5667 Novell Client是允许NetWare连接到Windows的工作站软件。 Novell Client在Windows系统上的驱动实现上存在漏洞，本地攻击者可能利用此漏洞提升自己的权限。 如果在基于Windows的操作系统上安装了Novell...

Novell Netware client privilege escalation

Unprivileged user can manipulate kernel memory with .nwfilter device...

iDefense Security Advisory 11.12.07: Novell NetWare Client Local Privilege Escalation Vulnerability

iDefense Security Advisory 11.12.07 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 12, 2007 I. BACKGROUND The Novell Client software provides a workstation with access to Novell NetWare networks as well as Novell Open Enterprise Server OES services. Novell Clients can access the full...

CVE-2004-2734

The CVE-2004-2734 issue affects Novell Web Manager on NetWare 6.5, where webadmin-apache.conf uses an uppercase Alias tag with a conflicting lowercase directory tag for a volume, enabling remote attackers to bypass access controls on the WEB-INF folder. This is confirmed in the NVD/NVD-derived de...

CVE-2004-2734

webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder...

Mercury IMAP Server SEARCH Command Remote Buffer Overflow

The remote host is running the Mercury Mail Transport System, a free suite of server products for Windows and NetWare associated with Pegasus Mail. The remote installation of Mercury Mail includes an IMAP server that is affected by a buffer overflow vulnerability. Using a specially- crafted SEARC...