Novell File Reporter Agent XML Parser Buffer Overflow

Added: 05/16/2011
CVE: CVE-2011-0994
BID: 47144
OSVDB: 71980

Background

Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist.

Problem

A stack overflow vulnerability exists in the agent process (NFRAgent.exe) of Novell File Reporter versions prior to 1.0.2. A remote attacker may send a malicious XML request to execute arbitrary code on the host.

Resolution

Upgrade to Novell File Reporter 1.0.2 or higher.

References

http://download.novell.com/Download?buildid=rCAgCcbPH9s~
http://www.zerodayinitiative.com/advisories/ZDI-11-116/

Limitations

This exploit has been tested against Novell File Reporter 1.0.1.1 running in Microsoft Windows Server 2003 SP2 English (DEP AlwaysOff) and Microsoft Windows XP SP3 English (DEP OptIn). This exploit requires the IO::Socket::SSL PERL module.

Platforms

Windows Server 2003
Windows XP

Back to exploit index