Info

Disclosure

May 08, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in Novell NetWare Distributed Print Services. The DPRPCNLM.NLM NDPS/iPrint module fails to properly handle malformed requests resulting in a integer overflow. With a specially crafted request, an attacker can cause the system to crash or possibly execute arbitrary code.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, vendor has released a patch dprpc_security.exe to address this vulnerability.

Products

Novell, Inc.	Netware	6.5
		6.5 SP5
		6.5 SP4
		6.5 SP3
		6.5 SP2
		6.5 SP1
		6.5 SP1.1(b)
		6.5 SP1.1(a)

References

Bugtraq ID: 17922
CVE ID: 2006-2327 (see also: NVD)
ISS X-Force ID: 26314
VUPEN Advisory: ADV-2006-1740
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0365.html
Vendor Specific Solution URL: http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973700.htm
Other Advisory URL: http://www.hustlelabs.com/novell_ndps_advisory.pdf
Keyword: TID2973700

Credit

Ryan Smith - whatstheaddressgmail.com - Hustle Labs
Alex Wheeler - advisorieshustlelabs.com - Hustle Labs

Direct URL: http://osvdb.org/25433

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Novell, Inc.

Netware

References

Credit