Heap-based Buffer Overflow in Novell BorderManager Client Trust Application
CVE-2007-5767

Currently unrated

Key Information:

Vendor: Novell
Status: Bordermanager
Vendor: CVE Published:; 2 November 2007

Summary

A heap-based buffer overflow exists within the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 prior to Update 1.5. This vulnerability is exploitable by remote attackers who can execute arbitrary code by sending a specially crafted validation request that does not properly delimit the Novell tree name with a wide-character backslash or NULL character.

References

http://securitytracker.com/id?1018882

vdb-entryx_refsource_SECTRACK

http://www.vupen.com/english/advisories/2007/3682

vdb-entryx_refsource_VUPEN

http://download.novell.com/Download?buildid=AuOWp2Xsvmc~

x_refsource_CONFIRM

EPSS Score

30% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 2, 2007
Vulnerability Reserved
Oct 31, 2007