|
Novell Client NMAS Login Prompt Format String Weakness
|
|
Secunia Advisory:
|
SA23363
|
|
|
Release Date:
|
2006-12-13
|
|
Popularity:
|
6,736 views
|
|
|
Critical:
|
Not critical
|
|
Impact:
|
Exposure of sensitive information
DoS
|
|
Where:
|
Local system
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Novell Client for Windows NT/2000/XP 4.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
Description:
Deral Heiland has reported a weakness in Novell Client, which can be exploited by malicious, local users to gain knowledge of sensitive information or cause a DoS (Denial of Service).
The weakness is caused due to a format string error within the processing of the "Username" field in the NMAS (Novell Modular Authentication Services) Information message window. This can be exploited to read arbitrary memory or crash the service via format string specifiers in the "Username" field and selecting "Sequences" under the NMAS tab.
The weakness is reported in versions 4.91 SP2, 4.91 SP2 Patch Kit, and 4.91 SP3. Other versions may also be affected.
Solution:
Apply vendor patch.
Provided and/or discovered by:
Deral Heiland, Layered Defense Research
Original Advisory:
Novell:
https://secure-support.novell.com/Kan...lishing/372/3546910_f.SAL_Public.html
Layered Defense Research:
http://www.layereddefense.com/Novell01DEC.html
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
