OSVDB ID: 25429

Title: Novell Client for Windows DPRPC library (DPRPCW32.DLL) ndps_xdr_array Function Remote Overflow

Info

Disclosure

May 09, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Novell Client for Windows NT/2000/XP contains a flaw related to the error in DPRPCW32.DLL that may allow an attacker to cause a buffer overflow. No further details have been provided.

Classification

Location: Local Access Required, Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity, Impact Unknown
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, vendor has released a BETA patch 491psp2_dprpcw32.exe to address this vulnerability.

Products

Novell, Inc.	Novell Client for Windows NT/2000/XP	4.83 SP3
		4.90 SP2
		4.91 SP2

References

Security Tracker: 1016052
Bugtraq ID: 17931
Secunia Advisory ID: 20048
CVE ID: 2006-2304 (see also: NVD)
SCIP VulDB ID: 2219
VUPEN Advisory: ADV-2006-1759
Vendor Specific News/Changelog Entry: http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973719.htm
Keyword: TID2973719

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/25429

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Novell, Inc.

Novell Client for Windows NT/2000/XP

References

Credit