Novell Client nicm.sys Local Privilege Escalation

High Nessus Plugin ID 29898


The remote Windows host contains a driver that is affected by a local privilege escalation vulnerability.


The file 'NICM.SYS' included with the Novell Client software and installed on the remote host reportedly allows local users to open the device '\\.\nicm' and execute arbitrary code in kernel mode using specially-constructed input.


Install the patch referenced in the vendor advisory above.

See Also

Plugin Details

Severity: High

ID: 29898

File Name: novell_nicm_priv_escalation.nasl

Version: $Revision: 1.16 $

Type: local

Agent: windows

Family: Windows

Published: 2008/01/10

Modified: 2016/10/27

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2008/01/09

Reference Information

CVE: CVE-2007-5762

BID: 27209

OSVDB: 40871

EDB-ID: 18914

CWE: 20