[25386] in bugtraq
cqure.net.20020412.netware_client.a
daemon@ATHENA.MIT.EDU (Patrik Karlsson)
Wed May 8 15:34:49 2002
Message-ID: <002001c1f677$6643b920$0401a8c0@lab.se>
From: "Patrik Karlsson" <patrik.karlsson@se.pwcglobal.com>
To: <bugtraq@securityfocus.com>
Date: Wed, 8 May 2002 12:02:01 +0200
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
cqure.net Security Vulnerability Report
No: cqure.net.20020412.netware_client.a
========================================
Vulnerability Summary
---------------------
Problem: Multiple buffer overflow conditions exist in the
Novell Netware client for Windows.
Threat: An attacker could crash any software relying on
name resolution, like ping, traceroute, rexec
and rsh.
Affected Software: Novell Netware Client 4.83.
Platform: Windows 2000/XP verified.
Vulnerability Description
-------------------------
If one would run the command ping with a long hostname an access
violation would occur. Depending on the length of the hostname the
program will crash in different locations. This might be interesting
in a WTS or Citrix environment. We have looked very briefly at the
problem and therefore can't comment on the impact of this issue.
Solution
--------
Install patch from Novell as soon as it becomes available.
Additional Information
----------------------
Novell was contacted 20020412.
This vulnerability was found and researched by
Patrik Karlsson & Jonas Ländin
patrik.karlsson@se.pwcglobal.com
jonas.landin@ixsecurity.com
This document is also available at: http://www.cqure.net/advisories/
