lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <238db9430605150740m60a5cdb4j339c2fd7357158b4@mail.gmail.com>
Date: Mon, 15 May 2006 09:40:07 -0500
From: "Ryan Smith" <whatstheaddress@...il.com>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: Novell NDPS Remote Vulnerability (Server & Client)


Summary:
There's an integer overflow present that affects Novell Windows
clients and Novell Netware server and Novell Open Enterprise server.

Impact:
Remote, unauthenticated, super-user privileges.

Affected software:
Novell Netware (All versions)
Novell Open Enterprise Server (All NetWare based versions)
Novell Netware Client for Windows (All versions)

Credit:
Ryan Smith & Alex Wheeler

Details & Patch information:
http://www.hustlelabs.com/novell_ndps_advisory.pdf

Vendor links:
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=9145&sliceId=SAL_Public&dialogID=3455056&stateId=0%200%203453353
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=1076&sliceId=SAL_Public&dialogID=3455056&stateId=0%200%203453353

License:
This work is licensed under the Creative Commons Attribution 2.5
License. To view a copy of this license, visit
http://creativecommons.org/licenses/by/2.5/ or send a letter to
Creative Commons, 543 Howard Street, 5th Floor, San Francisco,
California, 94105, USA.

Attribution should be provided both in the form of a link or reference
to http://www.hustlelabs.com and a copy of the researchers' names
listed under the Credit section of this document.

All other trademarks and copyrights referenced in this document are
the property of their respective owners.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ