Search
Find a vulnerability
Search criteria
6 vulnerabilities found for netware_client by novell
CVE-2007-5762 (GCVE-0-2007-5762)
Vulnerability from nvd – Published: 2008-01-09 22:00 – Updated: 2024-08-07 15:39
VLAI
Summary
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/27209 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/28396 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2008/0088 | vdb-entryx_refsource_VUPEN |
| http://download.novell.com/Download?buildid=4FmI8… | x_refsource_CONFIRM |
| http://labs.idefense.com/intelligence/vulnerabili… | third-party-advisoryx_refsource_IDEFENSE |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1019172 | vdb-entryx_refsource_SECTRACK |
Date Public
2008-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.723Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27209",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27209"
},
{
"name": "28396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28396"
},
{
"name": "ADV-2008-0088",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0088"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=4FmI89wOmg4~"
},
{
"name": "20080109 Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637"
},
{
"name": "novell-client-nicm-privilege-escalation(39576)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39576"
},
{
"name": "1019172",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\\\.\\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27209",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27209"
},
{
"name": "28396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28396"
},
{
"name": "ADV-2008-0088",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0088"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=4FmI89wOmg4~"
},
{
"name": "20080109 Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637"
},
{
"name": "novell-client-nicm-privilege-escalation(39576)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39576"
},
{
"name": "1019172",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019172"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\\\.\\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27209",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27209"
},
{
"name": "28396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28396"
},
{
"name": "ADV-2008-0088",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0088"
},
{
"name": "http://download.novell.com/Download?buildid=4FmI89wOmg4~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=4FmI89wOmg4~"
},
{
"name": "20080109 Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637"
},
{
"name": "novell-client-nicm-privilege-escalation(39576)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39576"
},
{
"name": "1019172",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019172"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5762",
"datePublished": "2008-01-09T22:00:00.000Z",
"dateReserved": "2007-10-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5854 (GCVE-0-2006-5854)
Vulnerability from nvd – Published: 2006-12-03 17:00 – Updated: 2024-08-07 20:04
VLAI
Summary
Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/300636 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securityfocus.com/data/vulnerabilities… | x_refsource_MISC |
| http://www.novell.com/support/search.do?cmd=displ… | x_refsource_CONFIRM |
| http://securitytracker.com/id?1017263 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/21220 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/4631 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/453012/100… | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1017315 | vdb-entryx_refsource_SECTRACK |
| http://www.zerodayinitiative.com/advisories/ZDI-0… | x_refsource_MISC |
| http://www.kb.cert.org/vuls/id/653076 | third-party-advisoryx_refsource_CERT-VN |
| http://support.novell.com/cgi-bin/search/searchti… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/23027 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-11-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:04:55.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#300636",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/300636"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026externalId=3125538\u0026sliceId=SAL_Public"
},
{
"name": "1017263",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017263"
},
{
"name": "21220",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21220"
},
{
"name": "ADV-2006-4631",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4631"
},
{
"name": "20061129 ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453012/100/0/threaded"
},
{
"name": "1017315",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017315"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-043.html"
},
{
"name": "VU#653076",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/653076"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm"
},
{
"name": "novell-nwspool-bo(30461)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30461"
},
{
"name": "23027",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23027"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#300636",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/300636"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026externalId=3125538\u0026sliceId=SAL_Public"
},
{
"name": "1017263",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017263"
},
{
"name": "21220",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21220"
},
{
"name": "ADV-2006-4631",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4631"
},
{
"name": "20061129 ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453012/100/0/threaded"
},
{
"name": "1017315",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017315"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-043.html"
},
{
"name": "VU#653076",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/653076"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm"
},
{
"name": "novell-nwspool-bo(30461)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30461"
},
{
"name": "23027",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23027"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#300636",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/300636"
},
{
"name": "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c",
"refsource": "MISC",
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c"
},
{
"name": "http://www.novell.com/support/search.do?cmd=displayKC\u0026externalId=3125538\u0026sliceId=SAL_Public",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026externalId=3125538\u0026sliceId=SAL_Public"
},
{
"name": "1017263",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017263"
},
{
"name": "21220",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21220"
},
{
"name": "ADV-2006-4631",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4631"
},
{
"name": "20061129 ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453012/100/0/threaded"
},
{
"name": "1017315",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017315"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-043.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-043.html"
},
{
"name": "VU#653076",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/653076"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm"
},
{
"name": "novell-nwspool-bo(30461)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30461"
},
{
"name": "23027",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23027"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5854",
"datePublished": "2006-12-03T17:00:00.000Z",
"dateReserved": "2006-11-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:04:55.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1754 (GCVE-0-2002-1754)
Vulnerability from nvd – Published: 2005-06-21 04:00 – Updated: 2024-08-08 03:34
VLAI
Summary
Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://support.novell.com/servlet/tidfinder/2962694 | x_refsource_CONFIRM |
| http://www.cqure.net/advisories.jsp?id=15 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2002-05-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:56.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/servlet/tidfinder/2962694"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cqure.net/advisories.jsp?id=15"
},
{
"name": "netware-client-hostname-dos(9035)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9035"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/servlet/tidfinder/2962694"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cqure.net/advisories.jsp?id=15"
},
{
"name": "netware-client-hostname-dos(9035)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9035"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.novell.com/servlet/tidfinder/2962694",
"refsource": "CONFIRM",
"url": "http://support.novell.com/servlet/tidfinder/2962694"
},
{
"name": "http://www.cqure.net/advisories.jsp?id=15",
"refsource": "MISC",
"url": "http://www.cqure.net/advisories.jsp?id=15"
},
{
"name": "netware-client-hostname-dos(9035)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9035"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1754",
"datePublished": "2005-06-21T04:00:00.000Z",
"dateReserved": "2005-06-21T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:34:56.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5762 (GCVE-0-2007-5762)
Vulnerability from cvelistv5 – Published: 2008-01-09 22:00 – Updated: 2024-08-07 15:39
VLAI
Summary
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/27209 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/28396 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2008/0088 | vdb-entryx_refsource_VUPEN |
| http://download.novell.com/Download?buildid=4FmI8… | x_refsource_CONFIRM |
| http://labs.idefense.com/intelligence/vulnerabili… | third-party-advisoryx_refsource_IDEFENSE |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1019172 | vdb-entryx_refsource_SECTRACK |
Date Public
2008-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.723Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27209",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27209"
},
{
"name": "28396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28396"
},
{
"name": "ADV-2008-0088",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0088"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=4FmI89wOmg4~"
},
{
"name": "20080109 Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637"
},
{
"name": "novell-client-nicm-privilege-escalation(39576)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39576"
},
{
"name": "1019172",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\\\.\\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27209",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27209"
},
{
"name": "28396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28396"
},
{
"name": "ADV-2008-0088",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0088"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=4FmI89wOmg4~"
},
{
"name": "20080109 Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637"
},
{
"name": "novell-client-nicm-privilege-escalation(39576)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39576"
},
{
"name": "1019172",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019172"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\\\.\\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27209",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27209"
},
{
"name": "28396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28396"
},
{
"name": "ADV-2008-0088",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0088"
},
{
"name": "http://download.novell.com/Download?buildid=4FmI89wOmg4~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=4FmI89wOmg4~"
},
{
"name": "20080109 Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637"
},
{
"name": "novell-client-nicm-privilege-escalation(39576)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39576"
},
{
"name": "1019172",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019172"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5762",
"datePublished": "2008-01-09T22:00:00.000Z",
"dateReserved": "2007-10-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5854 (GCVE-0-2006-5854)
Vulnerability from cvelistv5 – Published: 2006-12-03 17:00 – Updated: 2024-08-07 20:04
VLAI
Summary
Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/300636 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securityfocus.com/data/vulnerabilities… | x_refsource_MISC |
| http://www.novell.com/support/search.do?cmd=displ… | x_refsource_CONFIRM |
| http://securitytracker.com/id?1017263 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/21220 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/4631 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/453012/100… | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1017315 | vdb-entryx_refsource_SECTRACK |
| http://www.zerodayinitiative.com/advisories/ZDI-0… | x_refsource_MISC |
| http://www.kb.cert.org/vuls/id/653076 | third-party-advisoryx_refsource_CERT-VN |
| http://support.novell.com/cgi-bin/search/searchti… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/23027 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-11-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:04:55.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#300636",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/300636"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026externalId=3125538\u0026sliceId=SAL_Public"
},
{
"name": "1017263",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017263"
},
{
"name": "21220",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21220"
},
{
"name": "ADV-2006-4631",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4631"
},
{
"name": "20061129 ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453012/100/0/threaded"
},
{
"name": "1017315",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017315"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-043.html"
},
{
"name": "VU#653076",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/653076"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm"
},
{
"name": "novell-nwspool-bo(30461)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30461"
},
{
"name": "23027",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23027"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#300636",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/300636"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026externalId=3125538\u0026sliceId=SAL_Public"
},
{
"name": "1017263",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017263"
},
{
"name": "21220",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21220"
},
{
"name": "ADV-2006-4631",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4631"
},
{
"name": "20061129 ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453012/100/0/threaded"
},
{
"name": "1017315",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017315"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-043.html"
},
{
"name": "VU#653076",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/653076"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm"
},
{
"name": "novell-nwspool-bo(30461)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30461"
},
{
"name": "23027",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23027"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#300636",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/300636"
},
{
"name": "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c",
"refsource": "MISC",
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c"
},
{
"name": "http://www.novell.com/support/search.do?cmd=displayKC\u0026externalId=3125538\u0026sliceId=SAL_Public",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026externalId=3125538\u0026sliceId=SAL_Public"
},
{
"name": "1017263",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017263"
},
{
"name": "21220",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21220"
},
{
"name": "ADV-2006-4631",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4631"
},
{
"name": "20061129 ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453012/100/0/threaded"
},
{
"name": "1017315",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017315"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-043.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-043.html"
},
{
"name": "VU#653076",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/653076"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm"
},
{
"name": "novell-nwspool-bo(30461)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30461"
},
{
"name": "23027",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23027"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5854",
"datePublished": "2006-12-03T17:00:00.000Z",
"dateReserved": "2006-11-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:04:55.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1754 (GCVE-0-2002-1754)
Vulnerability from cvelistv5 – Published: 2005-06-21 04:00 – Updated: 2024-08-08 03:34
VLAI
Summary
Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://support.novell.com/servlet/tidfinder/2962694 | x_refsource_CONFIRM |
| http://www.cqure.net/advisories.jsp?id=15 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2002-05-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:56.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/servlet/tidfinder/2962694"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cqure.net/advisories.jsp?id=15"
},
{
"name": "netware-client-hostname-dos(9035)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9035"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/servlet/tidfinder/2962694"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cqure.net/advisories.jsp?id=15"
},
{
"name": "netware-client-hostname-dos(9035)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9035"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.novell.com/servlet/tidfinder/2962694",
"refsource": "CONFIRM",
"url": "http://support.novell.com/servlet/tidfinder/2962694"
},
{
"name": "http://www.cqure.net/advisories.jsp?id=15",
"refsource": "MISC",
"url": "http://www.cqure.net/advisories.jsp?id=15"
},
{
"name": "netware-client-hostname-dos(9035)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9035"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1754",
"datePublished": "2005-06-21T04:00:00.000Z",
"dateReserved": "2005-06-21T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:34:56.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}