7.5

CVE-2006-5854

Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NovellNetware Client Version4.91
NovellNetware Client Version4.91 Updatesp1
NovellNetware Client Version4.91 Updatesp2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 57.29% 0.99
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/23027
http://securitytracker.com/id?1017263
http://securitytracker.com/id?1017315
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm
http://www.kb.cert.org/vuls/id/300636
US Government Resource
http://www.kb.cert.org/vuls/id/653076
US Government Resource
http://www.novell.com/support/search.do?cmd=displayKC&externalId=3125538&sliceId=SAL_Public
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/453012/100/0/threaded
http://www.securityfocus.com/bid/21220
http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c
http://www.vupen.com/english/advisories/2006/4631
http://www.zerodayinitiative.com/advisories/ZDI-06-043.html
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30461