CVE-2013-3697

Name of the Vulnerable Software and Affected Versions Novell Client versions 4.91 SP5 Novell Client 2 versions SP2, SP3

Description The issue is related to an integer overflow in kernel drivers, specifically NWFS.SYS and NCPL.SYS, which might allow local users to gain privileges. This can be achieved via a crafted 0x1439EB IOCTL call.

Recommendations For Novell Client version 4.91 SP5, consider restricting access to the NWFS.SYS kernel driver until a patch is available. For Novell Client 2 versions SP2 and SP3, consider disabling the NCPL.SYS kernel driver as a temporary workaround to minimize the risk of exploitation.