CVE-2008-3158

Novell Client for Windows 4.91 SP4 - Buffer Overflow

Title source: llm

Description

Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory.

Exploits (2)

exploitdb WORKING POC

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/26418

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Ruben Santamarta, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/novell_client_nwfs.rb

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/43460

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1020385

[Patch] http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028543.html

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/1968/references

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/30001

[Patch, Vendor Advisory] http://secunia.com/advisories/30904

Scores

EPSS 0.1798

EPSS Percentile 95.2%

Details

CWE

CWE-264

Status published

Products (1)

novell/novell_client_for_windows 4.91_sp4

Published Jul 11, 2008

Tracked Since Feb 18, 2026