Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-5854

5 documents4 sources
Severity
7.5HIGH
EPSS
88.7%
top 0.49%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Netware Client
Timeline
PublishedDec 3
Latest updateMay 1

Description

Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

Patches

Patch: www.novell.comPatch: www.zerodayinitiative.comPatch: www.novell.com

🔴Vulnerability Details

2
GHSA
GHSA-6j7x-gf8c-m9m3: Multiple buffer overflows in the Spooler service (nwspool2022-05-01
CVEList
CVE-2006-5854: Multiple buffer overflows in the Spooler service (nwspool2006-12-03

💥Exploits & PoCs

2
Exploit-DB
Multiple Printer Providers (Spooler Service) - Local Privilege Escalation2007-01-29
Exploit-DB
Novell Client 4.91 - 'NWSPOOL.dll' Remote Buffer Overflow2006-11-21
CVE-2006-5854 (HIGH CVSS 7.5) | Multiple buffer overflows in the Sp | cvebase.io