Novell Client nwspool.dll RPC Printer Functions Remote Overflow (300870)

This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a DLL that is affected by multiple
buffer overflow vulnerabilities.

Description :

The file 'nwspool.dll' included with the Novell Client software on the
remote host reportedly contains several buffer overflow
vulnerabilities that can be triggered via specially crafted RPC
requests. An unauthenticated, remote attacker may be able to leverage
these issues with overly long arguments to RPC requests such as
'RpcAddPrinterDriver' and 'RpcGetPrinterDriverDirectory' to cause a
denial of service or to execute arbitrary code remotely on the
affected host.

See also :

http://secunia.com/secunia_research/2007-57/advisory/
http://download.novell.com/Download?buildid=VOXNZb-6t_g~

Solution :

Install the 491psp2_3_4_nwspool.zip Field Test File per the vendor
advisory referenced above.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 25952 ()

Bugtraq ID: 25474

CVE ID: CVE-2007-2954

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now