PT-2006-6527 · Novell · Novell Netware Client

Published

2006-12-03

Updated

2018-10-17

CVE-2006-5854

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Novell Netware Client versions 4.91 through 4.91 SP2

Description The issue is related to multiple buffer overflows in the Spooler service, specifically in the nwspool.dll component. This allows remote attackers to execute arbitrary code by providing a long argument to the EnumPrinters and OpenPrinter functions.

Recommendations For Novell Netware Client versions 4.91 through 4.91 SP2, consider disabling the Spooler service or restricting access to the EnumPrinters and OpenPrinter functions as a temporary workaround until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5854

Affected Products

Novell Netware Client

PT-2006-6527 · Novell · Novell Netware Client

CVE-2006-5854

Related Identifiers

Affected Products

References · 16