CVE-2010-0317

Novell Netware - Resource Management Error

Title source: rule

Description

Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Francis Provencher · perldosmultiple

https://www.exploit-db.com/exploits/11009

View Code ZIP pw:eip

References (8)

[Various Sources] http://protekresearch.blogspot.com/2010/01/prl-cifsnlm-memory-consumption-denial.html

[Vendor Advisory] http://secunia.com/advisories/38114

[Exploit] http://www.exploit-db.com/exploits/11009

[Exploit] http://www.securityfocus.com/bid/37616

[Vendor Advisory] http://www.vupen.com/english/advisories/2010/0041

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/508731/100/0/threaded

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/55389

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1023400

Scores

EPSS 0.1009

EPSS Percentile 93.1%

Details

CWE

CWE-399

Status published

Products (1)

novell/netware 6.5 sp8

Published Jan 15, 2010

Tracked Since Feb 18, 2026