CVE-2008-0639
Novell Client 4.91 SP2-SP4 - Stack-based Buffer Overflow via RPC Request
Title source: llmDescription
Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701.
References (9)
Core 9
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487980/100/0/threaded
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28895
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0496
Patch x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-08-005.html
Patch mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=120276962211348&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1019366
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27741
Vendor Advisory x_refsource_confirm
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5008300.html
Patch x_refsource_confirm
http://download.novell.com/Download?buildid=SszG22IIugM~
Scores
EPSS
0.4465
EPSS Percentile
97.6%
Details
CWE
CWE-119
Status
published
Products (1)
novell/client
4.91 sp2 (3 CPE variants)
Published
Feb 13, 2008
Tracked Since
Feb 18, 2026