Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

A really bad month for Novell

From: Dave Aitel <dave () immunityinc com>
Date: Thu, 30 Nov 2006 16:37:01 -0500
Novell had a really bad month. Not only did they make a deal with
Microsoft and then have to furiously backtrack on it, but their security
has been taking a pounding.

In particular, let's look at three vulnerabilities (one of which isn't
even Novell's fault!):

    * November 29, 2006: Novell Netware Client for Windows Print
      Providor Overflow Exploit
      <http://www.immunityinc.com/partners-index.shtml>
    * November 16, 2006: Updated MS06_066 exploit - now works against
      XPSP2+DEP
      <https://www.immunityinc.com/downloads/immpartners/ms06_066-4.tar>
    * November 13, 2006: HttpStk.dlm Overflow for v8.8 and v8.8.1
      <https://www.immunityinc.com/downloads/immpartners/edirectory_http.tar>


Both of the Novell Client exploits work against XP SP2 with DEP enabled.
Essentially what that tells you is that if you had a Novell network and
you were using Microsoft's client to talk to it, you were owned. If you
were using Novell's client to talk to it, you were owned. Not a good
place to be, especially when you thought your fancy new Intel NX chip
was going to protect you! The Novell eDirectory overflow (HttpStk.dlm)
is another one of many other Novell exploits coming to roost.
Essentially, the Novell sea is under-fished, and Microsoft and Redhat
are going to clean them out by telling customers about Novell
vulnerabilities for the next year or so.

-dave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: