Novell Netware 'XNFS.NLM' Component 'xdrDecodeString()' Remote Buffer Overflow Vulnerability

Bugtraq ID:	50804
Class:	Boundary Condition Error
CVE:	CVE-2011-4191
Remote:	Yes
Local:	No
Published:	Nov 24 2011 12:00AM
Updated:	Jan 07 2012 12:40AM
Credit:	Francis Provencher of Protek Research Lab's through Zero Day Initiative
Vulnerable:	Novell Netware 6.5.0 SP8
Not Vulnerable:

Novell Netware 'XNFS.NLM' Component 'xdrDecodeString()' Remote Buffer Overflow Vulnerability

Novell Netware is prone to a remote stack-based buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the system. Successful attacks will completely compromise the affected computer. Failed attacks will likely cause denial-of-service conditions.

Novell Netware 'XNFS.NLM' Component 'xdrDecodeString()' Remote Buffer Overflow Vulnerability

The following proof of concept codes are available:

• /data/vulnerabilities/exploits/50804.rb
• /data/vulnerabilities/exploits/50804-1.rb

Novell Netware 'XNFS.NLM' Component 'xdrDecodeString()' Remote Buffer Overflow Vulnerability

Solution:
Updates are available. Please see the references for more information.

Novell Netware 'XNFS.NLM' Component 'xdrDecodeString()' Remote Buffer Overflow Vulnerability

References:

• NetWare XNFS security updates - Nov 2011 (Novell)
  
• Novell Homepage (Novell)
  
• Novell Netware XNFS.NLM NFS Rename Remote Code Execution Vulnerability (TippingPoint Zero Day Initiative)
  
• Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability (TippingPoint Zero Day Initiative)