cqure.net.20020412.netware_sdmr.a

• Previous message: snsadvat_private: "[SNS Advisory No.53] Webmin/Usermin Session ID Spoofing Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

cqure.net Security Vulnerability Report
No: cqure.net.20020412.netware_sdmr.a
========================================

Vulnerability Summary
---------------------
Problem:           The IPX compatibility issue Posted to BugTraq on
                   July 11, 2000 by Dimuthu Parussalla applies to
                   Netware 6.0 SP 1 as well.

Threat:            An attacker could cause the SDMR.NLM to abend
                   and in some cases reboot the server. See bid
                   1467 for more information.

Affected Software: Novell Netware 6.0 SP 1.

Solution:          Taken from Bugtraq bid 1467.
                   "IPX-Compatibility should not be enabled on
                   production servers."


Solution
--------
Disable IPX-Compatibility on production servers.

Additional Information
----------------------
Novell was contacted 20020412.

This vulnerability was found and researched by
Patrik Karlsson & Jonas Ländin
patrik.karlssonat_private
jonas.landinat_private

This document is also available at: http://www.cqure.net/advisories/

• Next message: Patrik Karlsson: "cqure.net.20020412.bordermanager_36_mv1.a"
• Previous message: snsadvat_private: "[SNS Advisory No.53] Webmin/Usermin Session ID Spoofing Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed May 08 2002 - 11:51:43 PDT