This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.
The remote host is running a service that is susceptible to a remote
buffer overflow attack.
The version of Novell File Reporter (NFR) Engine running on the
remote host is vulnerable to a remote buffer overflow attack.
Specifically, the application fails to check the size of user-supplied
strings before using them in a call to memcpy when parsing tags inside
the '<RECORD>' element.
An unauthenticated, remote attacker, accessing the service, could
leverage this vulnerability to corrupt the process thread's stack,
possibly resulting in arbitrary code execution under the context of a
See also :
Apply the security patch referenced in Novell's advisory.
Risk factor :
High / CVSS Base Score : 9.7
CVSS Temporal Score : 8.0
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 55544 ()
Bugtraq ID: 48470
CVE ID: CVE-2011-2220
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.