CVE-2010-0317

Name of the Vulnerable Software and Affected Versions Novell Netware version 6.5 SP8

Description The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference, memory consumption, ABEND, and crash. This is achieved by sending a large number of malformed or AFP requests that are not properly handled by the CIFS functionality in CIFS.nlm Semantic Agent or the AFP functionality in AFPTCP.nlm.

Recommendations For Novell Netware version 6.5 SP8, consider restricting access to the CIFS and AFP functionalities until a proper fix is available. As a temporary workaround, limiting the number of incoming requests may help minimize the risk of exploitation.