Stack-based Buffer Overflow in Novell Client by Novell
CVE-2008-2145

Currently unrated

Key Information:

Vendor: Novell
Status: Client
Vendor: CVE Published:; 12 May 2008

Summary

A stack-based buffer overflow vulnerability exists in Novell Client versions 4.91 SP4 and earlier, where local users can exploit the 'forgotten password' dialog. By inputting an overly long username, malicious actors may cause the application to crash, resulting in a denial of service. There is also a risk that this vulnerability could be leveraged to execute arbitrary code, posing a significant threat to system integrity.

References

http://www.vupen.com/english/advisories/2008/1503

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/29109

vdb-entryx_refsource_BID

http://securityreason.com/securityalert/3868

third-party-advisoryx_refsource_SREASON

Timeline

Vulnerability published
May 12, 2008
Vulnerability Reserved
May 12, 2008