Novell Client nwspool.dll buffer overflow

Added: 12/01/2006
CVE: CVE-2006-5854
BID: 21220
OSVDB: 30547

Background

Novell Client software provides NetWare connectivity to Windows platforms.

Problem

The nwspool.dll library in Novell Client is affected by buffer overflows in the EnumPrinters and OpenPrinter functions, allowing remote attackers to execute arbitrary commands by sending a specially crafted RPC request to the Spooler service.

Resolution

Apply 491psp3_nwspool.exe. Patches are available from Novell.

References

http://www.securityfocus.com/archive/1/453012
http://www.novell.com/support/search.do?cmd=displayKC&externalId=3125538&sliceId=SAL_Public

Limitations

Exploit works on Novell Client 4.91 SP3 on Windows 2000.

Platforms

Windows

Back to exploit index