Denial of Service and Code Execution Vulnerability in Novell Netware 6.5 NFS
CVE-2010-4227

Currently unrated

Key Information:

Vendor

Novell
Status
Netware
Vendor
CVE Published:
25 February 2011

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC🟣 EPSS 38%

What is CVE-2010-4227?

The xdrDecodeString function within the NFS component of Novell Netware 6.5 prior to Service Pack 8 is susceptible to a vulnerability that can be exploited by remote attackers. By sending a specially crafted and signed value in an NFS RPC request directed to UDP port 1234, an attacker can cause a denial of service, potentially crashing the application, or may execute arbitrary code, leading to severe impacts on system integrity and security. This flaw underscores the importance of promptly applying security updates and monitoring NFS interactions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2010-4227 - Proof of Concept

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65625
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/46535
vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2011/0497
vdb-entryx_refsource_VUPEN

EPSS Score

38% chance of being exploited in the next 30 days.

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.