Published: 25/12/2012 Updated: 13/04/2021

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x prior to 8.8.7.2 allows remote malicious users to have an unspecified impact via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microfocus edirectory 8.8.7.0
microfocus edirectory 8.8.7.1

Novell NCP implementation in NetIQ eDirectory version 887x before 8872 pre-authentication remote root stack-based buffer overflow exploit that spawns a shell on port 5074 ...

In the interest of full-disclosure, here is a remote exploit for the vulnerability found by David Klein: Demonstration Novell NCP Pre-Auth Remote Stack Buffer Overflow Connecting to host [127001] Connected! Sending message #1 (23 bytes) <-- 44 6d 64 54 00 00 00 17 00 00 00 01 00 00 00 00 11 11 00 00 00 00 00 Waiting for response (16 byte ...

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking inc ...

CWE-119 https://bugzilla.novell.com/show_bug.cgi?id=785272 http://www.novell.com/support/kb/doc.php?id=3426981 https://nvd.nist.gov https://packetstormsecurity.com/files/119651/Novell-NCP-Pre-Auth-Remote-Stack-Buffer-Overflow.html https://www.exploit-db.com/exploits/24205/

CVE-2012-0432

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect