Vulnerabilities > CVE-2006-5854 - Remote Buffer Overflow vulnerability in Novell Netware Client 4.91
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
description Multiple Printer Providers (spooler service) Privilege Escalation Exploit. CVE-2006-5854. Local exploit for windows platform id EDB-ID:3220 last seen 2016-01-31 modified 2007-01-29 published 2007-01-29 reporter Andres Tarasco source https://www.exploit-db.com/download/3220/ title Multiple Printer Providers spooler service - Privilege Escalation Exploit description Novell Client 4.91 NWSPOOL.DLL Remote Buffer Overflow Vulnerability. CVE-2006-5854. Remote exploit for windows platform id EDB-ID:29146 last seen 2016-02-03 modified 2006-11-21 published 2006-11-21 reporter Andres Tarasco Acuna source https://www.exploit-db.com/download/29146/ title Novell Client 4.91 NWSPOOL.DLL Remote Buffer Overflow Vulnerability
Nessus
| NASL family | Windows |
| NASL id | NOVELL_TID2974765.NASL |
| description | The file |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 23699 |
| published | 2006-11-21 |
| reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/23699 |
| title | Novell NetWare Client Print Provider (nwspool.dll) Multiple Function Overflow |
Saint
| bid | 21220 |
| description | Novell Client nwspool.dll buffer overflow |
| id | printer_novellclient |
| osvdb | 30547 |
| title | novell_client_nwspool |
| type | remote |
Seebug
bulletinFamily exploit description No description provided by source. id SSV:6084 last seen 2017-11-19 modified 2007-01-30 published 2007-01-30 reporter Root source https://www.seebug.org/vuldb/ssvid-6084 title Multiple Printer Providers (spooler service) Privilege Escalation Exploit bulletinFamily exploit description No description provided by source. id SSV:82679 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-82679 title Novell Client 4.91 NWSPOOL.DLL Remote Buffer Overflow Vulnerability bulletinFamily exploit description No description provided by source. id SSV:83034 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-83034 title SSC DiskAccess NFS Client DAPCNFSD.DLL Stack Buffer Overflow Vulnerability
References
- http://secunia.com/advisories/23027
- http://securitytracker.com/id?1017263
- http://securitytracker.com/id?1017315
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974765.htm
- http://www.kb.cert.org/vuls/id/300636
- http://www.kb.cert.org/vuls/id/653076
- http://www.novell.com/support/search.do?cmd=displayKC&externalId=3125538&sliceId=SAL_Public
- http://www.securityfocus.com/archive/1/453012/100/0/threaded
- http://www.securityfocus.com/bid/21220
- http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c
- http://www.vupen.com/english/advisories/2006/4631
- http://www.zerodayinitiative.com/advisories/ZDI-06-043.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30461