Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2010-0317

Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. NOTE: some of these details are obtained from third party information.

Published

2010-01-15T18:30:00.340

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.8 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

6.9

Weaknesses

Type: Primary
CWE-399

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	novell	netware	6.5	Yes

References

http://protekresearch.blogspot.com/2010/01/prl-cifsnlm-memory-consumption-denial.html ([email protected])
http://secunia.com/advisories/38114 Vendor Advisory ([email protected])
http://www.exploit-db.com/exploits/11009 Exploit ([email protected])
http://www.securityfocus.com/archive/1/508731/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/37616 Exploit ([email protected])
http://www.securitytracker.com/id?1023400 ([email protected])
http://www.vupen.com/english/advisories/2010/0041 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/55389 ([email protected])
http://protekresearch.blogspot.com/2010/01/prl-cifsnlm-memory-consumption-denial.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/38114 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.exploit-db.com/exploits/11009 Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/508731/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/37616 Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1023400 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/0041 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55389 (af854a3a-2127-422b-91ae-364da2661108)