Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1350

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-1350
Last Modified 21 Apr 2009 12:00:00
Published 21 Apr 2009 12:24:52
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1350

Summary

Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe, and sending RPC messages that trigger a dereference of an arbitrary pointer.

Vulnerable Systems

Application

  • Novell Netidentity Client1.2.3


References

MISC - http://www.zerodayinitiative.com/advisories/ZDI-09-016/

VUPEN - ADV-2009-0954

CONFIRM - http://download.novell.com/Download?buildid=6ERQGPjRZ8o~

MISC - https://bugzilla.novell.com/show_bug.cgi?id=437511

SECTRACK - 1021990

BID - 34400

BUGTRAQ - 20090406 ZDI-09-016: Novell Client/NetIdentity Agent Remote Arbitrary Pointer Dereference Code Execution Vulnerability


Last Updated: 27 May 2016 10:50:32