Stack-based Buffer Overflow in Netware SMB for Novell Netware 6.5 and Earlier
CVE-2010-2351

Currently unrated

Key Information:

Vendor: Novell
Status: Netware
Vendor: CVE Published:; 21 June 2010

Summary

The CIFS.NLM driver in Netware SMB 1.0 is susceptible to a stack-based buffer overflow. This vulnerability enables remote attackers to execute arbitrary code by sending a Sessions Setup AndX packet containing a long AccountName. This exploitation can lead to unauthorized access and control over the affected system.

References

http://www.stratsec.net/Research/Advisories/SS-2010-006-N...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/59501

vdb-entryx_refsource_XF

http://secunia.com/advisories/40199

third-party-advisoryx_refsource_SECUNIA

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 21, 2010
Vulnerability Reserved
Jun 21, 2010