CVE-2009-1350

Name of the Vulnerable Software and Affected Versions Novell NetIdentity Client versions prior to 1.2.4

Description The issue allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe and sending RPC messages that trigger a dereference of an arbitrary pointer.

Recommendations For versions prior to 1.2.4, update to version 1.2.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the XTIERRPCPIPE named pipe to minimize the risk of exploitation.