SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   NetWare Vendors:   Novell
NetWare CIFS and AFP Protocol Processing Flaws Let Remote Users Deny Service
SecurityTracker Alert ID:  1023400
SecurityTracker URL:  http://securitytracker.com/id/1023400
CVE Reference:   CVE-2010-0317   (Links to External Site)
Updated:  Jan 19 2010
Original Entry Date:  Jan 6 2010
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): 6.5 SP8
Description:   A vulnerability was reported in NetWare. A remote user can cause denial of service conditions.

A remote user can send a large number of specially crafted requests via CIFS or AFP to cause the target service to consume excessive memory and eventually cause the target server to crash.

The following module versions are affected:

CIFS.nlm Semantic Agent (Build 163 MP)
Version 3.27 November 13, 2008

AFPTCP.nlm Build 163 SP
Version 3.27 November 13, 2008

The vendor was notified on December 21, 2009.

The advisory is available at:

http://protekresearch.blogspot.com/2010/01/prl-cifsnlm-memory-consumption-denial.html

Francis Provencher of Protek Research Lab reported this vulnerability.

Impact:   A remote user can cause the target server to crash.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.novell.com/ (Links to External Site)
Cause:   Resource error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC