CVE-2006-5854

Novell Netware Client - Buffer Overflow

Title source: rule

Description

Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Andres Tarasco · clocalwindows

https://www.exploit-db.com/exploits/3220

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Andres Tarasco Acuna · cremotewindows

https://www.exploit-db.com/exploits/29146

View Code ZIP pw:eip

References (13)

[Vendor Advisory] http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm

[US Government Resource] http://www.kb.cert.org/vuls/id/300636

[US Government Resource] http://www.kb.cert.org/vuls/id/653076

[Patch, Vendor Advisory] http://www.novell.com/support/search.do?cmd=displayKC&externalId=3125538&sliceId=SAL_Public

[Patch, Vendor Advisory] http://www.zerodayinitiative.com/advisories/ZDI-06-043.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/30461

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/453012/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/21220

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1017263

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1017315

[Third Party Advisory] http://secunia.com/advisories/23027

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/4631

Scores

EPSS 0.8871

EPSS Percentile 99.5%

Details

Status published

Products (1)

novell/netware_client 4.91 (3 CPE variants)

Published Dec 03, 2006

Tracked Since Feb 18, 2026