CVE-2010-2351
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.4 High
AI Score
Confidence
Low
0.451 Medium
EPSS
Percentile
97.4%
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.
Affected configurations
References
download.novell.com/Download?buildid=tMWCI1cdI7s~
secunia.com/advisories/40199
www.exploit-db.com/exploits/13906
www.securityfocus.com/bid/40908
www.stratsec.net/Research/Advisories/SS-2010-006-Netware-SMB-Remote-Stack-Overflow
www.vupen.com/english/advisories/2010/1514
exchange.xforce.ibmcloud.com/vulnerabilities/59501
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.4 High
AI Score
Confidence
Low
0.451 Medium
EPSS
Percentile
97.4%