Published: 31/07/2013 Updated: 22/08/2013

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
novell client 4.91
novell client 2.0

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' require 'rex' require 'msf/core/post/common' require 'msf/core/post/windows/priv' class Met ...

# Novell Client 2 SP3 Privilege escalation exploit # Tested on Windows 7 and 8 (x86) / nicmsys 31110 # Thanks to Master Ryujin :) # The first public information I have seen about this bug was from Nikita Tarakanov @NTarakanov (I am not sure weather there was anything else public) # Exploit for DEMO purposes :) # Does not bypass SMEP on Windows ...

CWE-264 http://www.novell.com/support/kb/doc.php?id=7012497 http://pastebin.com/GB4iiEwR http://www.exploit-db.com/exploits/26452 http://www.exploit-db.com/exploits/27191 https://nvd.nist.gov https://www.exploit-db.com/exploits/26452/

CVE-2013-3956

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect