Novell NetWare Local Information Disclosure Vulnerability
BID:18017
Info
Novell NetWare Local Information Disclosure Vulnerability
| Bugtraq ID: | 18017 |
| Class: | Design Error |
| CVE: |
CVE-2006-2185 |
| Remote: | No |
| Local: | Yes |
| Published: | May 17 2006 12:00AM |
| Updated: | May 17 2006 09:44PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
Novell Netware 6.5 SP5 |
| Not Vulnerable: | |
Discussion
Novell NetWare Local Information Disclosure Vulnerability
Novell NetWare is susceptible to a local information-disclosure vulnerability. This issue is due to potentially sensitive information being written to a log file on affected computers.
This issue allows local attackers to gain access to potentially sensitive information. Information gained through exploiting this issue may aid them in further attacks.
Novell NetWare version 6.5 Support Pack 5 is vulnerable to this issue; other versions may also be affected.
Novell NetWare is susceptible to a local information-disclosure vulnerability. This issue is due to potentially sensitive information being written to a log file on affected computers.
This issue allows local attackers to gain access to potentially sensitive information. Information gained through exploiting this issue may aid them in further attacks.
Novell NetWare version 6.5 Support Pack 5 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
Novell NetWare Local Information Disclosure Vulnerability
Attackers use standard system utilities to exploit this issue.
Attackers use standard system utilities to exploit this issue.
Solution / Fix
Novell NetWare Local Information Disclosure Vulnerability
Solution:
The vendor has released an advisory along with fixes to address this issue.
Please see the referenced vendor advisories for details on obtaining and applying fixes.
Novell Netware 6.5 SP5
Solution:
The vendor has released an advisory along with fixes to address this issue.
Please see the referenced vendor advisories for details on obtaining and applying fixes.
Novell Netware 6.5 SP5
-
Novell httpstk5.exe
http://support.novell.com/servlet/filedownload/sec/ftf/httpstk5.exe
References
Novell NetWare Local Information Disclosure Vulnerability
References:
References:
- Novell Homepage (Novell)
- TID2973698 - HTTP Stack Update for NetWare 6.5 SP5 (Novell)