CVE-2010-2351

Published: Jun 21, 2010Modified: Apr 29, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.

Affected (20)

Products: Novell: Netware

1 product

Configuration A

20 vulnerable

Vulnerable Software	Affected Versions
Novell Netware	Up to 6.5
Novell Netware	Version 5.0
Novell Netware	Version 5.0 sp3
Novell Netware	Version 5.1 sp7
Novell Netware	Version 5.1 sp8
Novell Netware	Version 6.0 sp1
Novell Netware	Version 6.0 sp2
Novell Netware	Version 6.0 sp3
Novell Netware	Version 6.0 sp4
Novell Netware	Version 6.0 sp5
Novell Netware	Version 6.5
Novell Netware	Version 6.5 sp1
Novell Netware	Version 6.5 sp2
Novell Netware	Version 6.5 sp3
Novell Netware	Version 6.5 sp4
Novell Netware	Version 6.5 sp5
Novell Netware	Version 6.5 sp6
Novell Netware	Version 6.5 sp7
Novell Netware	Version 5.1
Novell Netware	Version 6.0

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (14)

http://download.novell.com/Download?buildid=tMWCI1cdI7s~

Source: cve@mitre.org

Patch

http://secunia.com/advisories/40199

Source: cve@mitre.org

Vendor Advisory

http://www.exploit-db.com/exploits/13906

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/40908

Source: cve@mitre.org

Exploit

http://www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2010/1514

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/59501

Source: cve@mitre.org

http://download.novell.com/Download?buildid=tMWCI1cdI7s~

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://secunia.com/advisories/40199

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.exploit-db.com/exploits/13906

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/bid/40908

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.vupen.com/english/advisories/2010/1514

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/59501

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.