NetWare Running CIFS.NLM Can Be Crashed By Remote Users
|
|
SecurityTracker Alert ID: 1012817
|
|
SecurityTracker URL: http://securitytracker.com/id?1012817
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jan 10 2005
|
Impact: Denial of service via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 5.1, 6.0
|
Description: A denial of service vulnerability was reported in NetWare when running CIFS.NLM. A remote user can cause the system to lock up.
The vendor reported that a remote user can conduct a network port scan against the target system to cause the target system to 'hard lock' if the system is running CIFS.NLM at the time of the scan.
No further details were provided.
|
Impact: A remote user can cause the target system to lock up.
|
Solution: The vendor has issued a CIFS update for NetWare 5.1 and 6.0, described at:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2970488.htm
|
Vendor URL: support.novell.com/cgi-bin/search/searchtid.cgi?/2970488.htm (Links to External Site)
|
Cause: Not specified
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 10 Jan 2005 07:18:11 -0500
Subject: http://support.novell.com/cgi-bin/search/searchtid.cgi?/2970488.htm
|
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2970488.htm
> CIFS update for NW 5.1 and 6.0 - TID2970488 (last modified 05JAN2005)
> http://support.novell.com/servlet/filedownload/sec/pub/cifspt6.exe
> Security Issue(s):
> - Fixes an issue where some Network Security/Port Scanners could hard lock
> NetWare 5.1 and NetWare 6.0 servers if they were running CIFS.NLM.
|
|
