In association with heise online

30 July 2007, 14:55

Novell patches security vulnerability in NetWare Client for Windows

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Novell has released an update for its NetWare Client, which fixes a critical vulnerability. A buffer overflow can be triggered remotely in the NWSPOOL.DLL file, allowing code to be injected and executed with system privileges. Novell Client v4.91 SP4 for Windows 2000/XP/2003 is affected. Novell do not provide any further details.

ZDI, which discovered the vulnerability, is still listing this bug in its upcoming advisory list under ZDI-CAN-146. According to this list, Novell has taken 173 days to fix the bug.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit