Vulnerabilities > CVE-1999-1086 - Unspecified vulnerability in Novell Netware

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

novell

critical

NVD

Published: 1999-07-15

Updated: 2016-10-18

Summary

Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.

Vulnerable Configurations

Part	Description	Count
OS	Novell Novell Netware 4.1 Novell Netware 4.11 Novell Netware - Novell Netware 3.0 Novell Netware 3.12 Novell Netware 4.0 Novell Netware 4.01 Novell Netware 5.0	9

References

http://marc.info/?l=bugtraq&m=93214475111651&w=2
http://www.securityfocus.com/bid/528