CVE-2010-2351

Novell Netware < 6.5 - Remote Code Execution via SMB Sessions Setup AndX Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2351. PoCs published by laurent gaffie.

AI-analyzed exploit summary This exploit targets a stack overflow vulnerability in Novell Netware's CIFS.NLM driver via a malformed 'Session Setup AndX' SMB packet with an overly long 'AccountName' field. It sends a crafted payload to trigger a kernel stack overflow, potentially leading to remote code execution or denial of service.

Description

Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.

Exploits (1)

exploitdb WORKING POC VERIFIED

by laurent gaffie · textdosnovell

https://www.exploit-db.com/exploits/13906

View Code ZIP pw:eip

This exploit targets a stack overflow vulnerability in Novell Netware's CIFS.NLM driver via a malformed 'Session Setup AndX' SMB packet with an overly long 'AccountName' field. It sends a crafted payload to trigger a kernel stack overflow, potentially leading to remote code execution or denial of service.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Novell Netware 6.5 SP8 and prior

No auth needed

Prerequisites: Network access to target's SMB port (139) · Target running vulnerable Netware version

MITRE ATT&CK