Novell File Reporter NFRAgent.exe VOL tag buffer overflow
Added: 10/12/2012
BID: 55268
OSVDB: 85503
Background
Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist.
Problem
A buffer overflow vulnerability when parsing tags inside the VOL element allows a remote, unauthenticated attacker to execute arbitrary commands with SYSTEM privileges.
Resolution
Restrict access to port 3037/tcp.
References
http://www.zerodayinitiative.com/advisories/ZDI-12-167/
Limitations
Exploit works on Novell File Reporter 1.0.1.1. This exploit requires the Digest::MD5 and IO::Socket::SSL Perl modules.
Platforms
Windows XP