Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6701

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-6701
Last Modified 05 Sep 2008 05:33:55
Published 13 Feb 2008 04:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6701

Summary

Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.

Vulnerable Systems

Application

  • Novell Client 4.91


References

MISC - http://www.zerodayinitiative.com/advisories/ZDI-07-045.html

BID - 25092

SECUNIA - 26238

XF - novell-nwspool-unspecified(35653)

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html

SECTRACK - 1018471

BUGTRAQ - 20070806 ZDI-07-045: Novell Client NWSPOOL.DLL Stack Overflow Vulnerability


Last Updated: 27 May 2016 10:46:36