Bugtraq: Re: Vulnerability in Novell Netware

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Vulnerability in Novell Netware

From: Ben Ponting <bponting () HOTMAIL COM>
Date: Mon, 12 Mar 2001 00:54:36 -0000

We've tested this exploit with NW 5.1 SP2a using a 
queue based Print Server object.
We could login as the object with no password, but 
the object only had public rights (ie, browse, compare 
and read). 
No volume scan, read or write rights. 
Though it must have read rights to the print spool 
location.

By default the Print Server should not security 
equivelance to the container. 
But this may have been manually assigned in the 
environment where the vulnerability was discovered.

Ben Ponting

By Date By Thread

Current thread:

Re: Vulnerability in Novell Netware, (continued)
- Re: Vulnerability in Novell Netware Mike Glassman - Admin (Mar 12)
- Re: Vulnerability in Novell Netware Ben Ponting (Mar 12)
  - Re: Vulnerability in Novell Netware Scott Smith (Mar 13)
- Re: Vulnerability in Novell Netware Matthew Firth (Mar 12)
- Re: Vulnerability in Novell Netware Simple Nomad (Mar 13)
- Re: FW: Vulnerability in Novell Netware Jeffrey Seaton (Mar 15)
  - Re: FW: Vulnerability in Novell Netware Jacek Lipkowski (Mar 16)