Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5762

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2007-5762
Last Modified 07 Mar 2011 10:01:15
Published 09 Jan 2008 05:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-5762

Summary

NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.

Vulnerable Systems

Application

  • Novell Netware Client 4.91


References

BID - 27209

IDEFENSE - 20080109 Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability

CONFIRM - http://download.novell.com/Download?buildid=4FmI89wOmg4~

XF - novell-client-nicm-privilege-escalation(39576)

VUPEN - ADV-2008-0088

SECTRACK - 1019172

SECUNIA - 28396


Last Updated: 27 May 2016 10:46:16