lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <146DCEAE811AC94D96510685EF2F92B402BE8FBA@dalexmb3.corp.nai.org>
Date: Thu, 16 Nov 2006 10:25:38 -0600
From: <David_Marcus@...fee.com>
To: <full-disclosure@...ts.grok.org.uk>
Cc: John_Viega@...fee.com, Geok_Meng_Ong@...rtlabs.com, Jeff_Green@...fee.com,
	ANTHONY_BETTINI@...fee.com
Subject: Vulnerabilities in Client Service for NetWare


McAfee, Inc.
McAfee(r) Avert(r) Labs Security Advisory
Public Release Date: 2006-11-16

Vulnerabilities in Client Service for NetWare

CVE-2006-4688, CVE-2006-4689
________________________________________________________________________
_______

*	Synopsis

The Client Service for NetWare (CSNW) allows a Windows client to access
NetWare file, print, and directory services. 

Successful exploitation could lead to execution of arbitrary code or
cause the affected system to stop responding. 
________________________________________________________________________
_______

*	Vulnerable System or Application

Microsoft Windows 2000 Service Pack 4 
Microsoft Windows XP Service Pack 2
Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service
Pack 1

________________________________________________________________________
_______

*	Vulnerability Information

CVE-2006-4688

A boundary error in Client Service for Netware (CSNW) can be exploited
to cause a buffer overflow via a specially crafted network message sent
to the system. Successful exploitation allows execution of arbitrary
code and an attacker could remotely take complete control of the
affected system.

CVE-2006-4689

A denial of service vulnerability exists in Client Service for NetWare
(CSNW) that could allow an attacker to send a specially crafted network
message to an affected system running the Client Service for NetWare
service. An attacker could cause the system to stop responding and
automatically restart thus causing the affected system to stop accepting
requests. 
________________________________________________________________________
_______

*	Resolution

Microsoft has included fixes for the Client Service for Netware (CSNW)
issues in the November 2006 Security Bulletin MS06-066 for affected
Windows platforms. 
________________________________________________________________________
_______

*	Credits

These vulnerabilities were discovered by Sam Arun Raj of McAfee Avert
Labs.

________________________________________________________________________
_______

*	Legal Notice

Copyright (C) 2006 McAfee, Inc.
The information contained within this advisory is provided for the
convenience of McAfee's customers, and may be redistributed provided
that no fee is charged for distribution and that the advisory is not
modified in any way. McAfee makes no representations or warranties
regarding the accuracy of the information referenced in this document,
or the suitability of that information for your purposes.

McAfee, Inc. and McAfee Avert Labs are registered Trademarks of McAfee,
Inc. and/or its affiliated companies in the United States and/or other
Countries.  All other registered and unregistered trademarks in this
document are the sole property of their respective owners.


Best regards,

Dave Marcus, B.A., CCNA, MCSE
Security Research and Communications Manager
McAfee(r) Avert(r) Labs
(443) 321-3771 Office
(443) 668-0048 Mobile
McAfee Threat Center
<http://www.mcafee.com/us/threat_center/default.asp> 
McAfee Avert Labs Research Blog <http://www.avertlabs.com/research/blog>



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ