|
|
|
|
| |
Credit:
The information has been provided by The Zero Day Initiative (ZDI).
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-07-064.html
|
| |
Vulnerable Systems:
* Novell BorderManager version 3.8
The specific flaw exists in the Novell Client Trust application, clntrust.exe, which listens by default on UDP port 3024 on Novell client machines. During a validation request, the Client Trust process copies a user-supplied Novell tree name until a wide-character backslash or a NULL is encountered. If neither is found within the data, the process will copy excess data which later overflows a static buffer during a call to wsprintfA.
Vendor Response:
Novell has issued an update to correct this vulnerability. More details can be found at: http://download.novell.com/Download?buildid=AuOWp2Xsvmc~
Disclosure Timeline:
2007.07.17 - Vulnerability reported to vendor
- Digital Vaccine released to TippingPoint customers
2007.10.25 - Coordinated public release of advisory
CVE Information:
CVE-2007-5767
|
|
|
|
|
