CVE-2010-4227

Currently unrated

Key Information:

Vendor: Novell
Status: Netware
Vendor: CVE Published:; 25 February 2011

Summary

The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65625

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/46535

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2011/0497

vdb-entryx_refsource_VUPEN

EPSS Score

93% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 25, 2011
Vulnerability Reserved
Nov 10, 2010

Collectors

NVD DatabaseMitre Database