CVE-2006-2327 — Netware vulnerability

CWE-1893 documents3 sources

Severity

6.4MEDIUMNVD

EPSS

12.7%

top 6.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Netware

Timeline

PublishedMay 12

Latest updateMay 1

Description

Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function.

CVSS vector

AV:N/AC:L/C:N/I:P/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

▶NVDnovell/netware6.5

Patches

Patch: securitytracker.com ↗Patch: support.novell.com ↗Patch: www.hustlelabs.com ↗

🔴Vulnerability Details

GHSA

GHSA-7vxf-65mx-9347: Multiple integer overflows in the DPRPC library (DPRPCNLM↗2022-05-01

▶

CVEList

CVE-2006-2327: Multiple integer overflows in the DPRPC library (DPRPCNLM↗2006-05-12

▶