Check Point Advisories

Preemptive Protection against Novell Client nwspool.dll EnumPrinters Function Buffer Overflow Vulnerability

Check Point Reference: CPAI-2008-032
Date Published: 24 Feb 2008
Severity: High
Last Updated: Tuesday 01 January, 2008
Source: Secunia Advisory: SA28895
Industry Reference:CVE-2008-0639
Protection Provided by:
Who is Vulnerable? Novell Client for Windows 4.91 SP2
Novell Client for Windows 4.91 SP3
Novell Client for Windows 4.91 SP4
Vulnerability Description A buffer overflow vulnerability has been discovered in the Novel Client for Windows. The flaw is due to a boundary error in Novell Client's Spooler service (nwspool.dll). The vulnerable service is included with the Novell Client for Microsoft Windows, and provides access to remote printing services via Remote Procedure Call (RPC). An attacker may exploit this vulnerability to execute arbitrary code on an affected system.
Vulnerability DetailsThe vulnerability is due to a boundary error in Novell Client's Spooler service (nwspool.dll) that fails to properly handle crafted arguments passed to the 'EnumPrinters' function. A remote attacker can exploit this issue by specially crafting a malicious RPC request and sending it to the Print Spooler RPC interface of an affected system. Successful exploitation may allow remote code execution.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK