Secunia.com 2007-11-01 , release at their website a vulnerability has been reported in Novell BorderManager, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to the Client Trust application incorrectly processing validation requests sent to the UDP port on which clntrust.exe is listening (by default 3024). This can be exploited to cause a heap-based buffer overflow by sending a specially crafted validation request containing a Novell tree name without backslash or zero wide characters.
Successful exploitation allows execution of arbitrary code.
The vulnerability is reported in Novell BorderManager 3.8. Prior versions may also be affected.
Solution : Download patch from Vendor
(http://download.novell.com/Download?buildid=AuOWp2Xsvmc~)
6 Related Secunia Security Advisories
1. Novell BorderManager Unicode Encoding Detection Bypass2. Novell BorderManager ISAKMP Predictable Cookie Security Issue
3. Novell BorderManager VPN Denial of Service Vulnerability
4. Novell BorderManager Proxy Potential Denial of Service
5. Novell Bordermanager VPN Service Unspecified Denial of Service
6. Novell BorderManager 3.7 SP2 fixes multiple issues
Other Release at 2007-11-01 from Secunia.com
Read more after jump
- Apache Geronimo SQLLoginModule Non-existing User Authentication Security Bypass - Apache Geronimo WebDAV Arbitrary File Content Disclosure - IBM WebSphere Application Server Community Edition SQLLoginModule Security Bypass
- Macrovision Products Update Service ActiveX Control Insecure Methods - rPath update for cups - IBM Tivoli Continuous Data Protection for Files Insecure Permissions
- ISPworker Two Directory Traversal Vulnerabilities - Novell BorderManager Client Trust Buffer Overflow Vulnerability - Blue Coat ProxySG SGOS Cross-Site Scripting Vulnerability - WebSphere Application Server Community Edition WebDAV Content Disclosure - SUSE update for cups - CONTENTCustomizer "dialog.php" Information Disclosure - SUSE Update for Multiple Packages - Red Hat update for kernel - WORK system e-commerce Multiple Unspecified Ajax Vulnerabilities
0 Comment:
Post a Comment