[Dailydave] A really bad month for Novell
Dave Aitel
dave at immunityinc.com
Thu Nov 30 16:37:01 EST 2006
Novell had a really bad month. Not only did they make a deal with
Microsoft and then have to furiously backtrack on it, but their security
has been taking a pounding.
In particular, let's look at three vulnerabilities (one of which isn't
even Novell's fault!):
* November 29, 2006: Novell Netware Client for Windows Print
Providor Overflow Exploit
<http://www.immunityinc.com/partners-index.shtml>
* November 16, 2006: Updated MS06_066 exploit - now works against
XPSP2+DEP
<https://www.immunityinc.com/downloads/immpartners/ms06_066-4.tar>
* November 13, 2006: HttpStk.dlm Overflow for v8.8 and v8.8.1
<https://www.immunityinc.com/downloads/immpartners/edirectory_http.tar>
Both of the Novell Client exploits work against XP SP2 with DEP enabled.
Essentially what that tells you is that if you had a Novell network and
you were using Microsoft's client to talk to it, you were owned. If you
were using Novell's client to talk to it, you were owned. Not a good
place to be, especially when you thought your fancy new Intel NX chip
was going to protect you! The Novell eDirectory overflow (HttpStk.dlm)
is another one of many other Novell exploits coming to roost.
Essentially, the Novell sea is under-fished, and Microsoft and Redhat
are going to clean them out by telling customers about Novell
vulnerabilities for the next year or so.
-dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.immunitysec.com/pipermail/dailydave/attachments/20061130/416528a4/attachment-0001.htm
More information about the Dailydave
mailing list