This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote Windows host allows remote execution of arbitrary code.
The 'xtagent.exe' program included with the version of Novell's
NetIdentity Agent installed on the remote Windows host contains an
arbitrary pointer de-reference vulnerability. Using specially crafted
RPC messages over the 'XTIERRPCPIPE' named pipe, an attacker who can
establish a valid IPC$ connection can leverage this issue to execute
arbitrary code with system privileges on the affected host.
See also :
Upgrade to NetIdentity Agent 1.2.4, build 1.2.612 or later.
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.4
Public Exploit Available : true