ZDI-12-007 : Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-007 : Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-007 January 5, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: Novell - --...

Novell Netware XNFS.NLM STAT Notify Remote Code Execution

Application: Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability Platforms: Novell Netware 6.5 SP8 Exploitation: Remote code execution CVE Number: Novell TID: 5117430 ZDI: ZDI-12-07 PRL: 2012-01 Author: Francis Provencher Protek Research Lab's Website:...

Novell Netware - XNFS.NLM STAT Notify Remote Code Execution

Novell Netware - XNFS.NLM STAT Notify Remote Code Execution Application: Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability Platforms: Novell Netware 6.5 SP8 Exploitation: Remote code execution CVE Number: Novell TID: 5117430 ZDI: ZDI-12-07 PRL: 2012-01 Author: Francis...

Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is not required to exploit this vulnerability. The flaw exists within the xnfs.nlm component which is used when handling NFS RPC requests. This process listens on UDP...