Novell File Reporter Engine RECORD Element Tag Parsing Overflow (uncredentialed check)

High Nessus Plugin ID 55544


The remote host is running a service that is susceptible to a remote buffer overflow attack.


The version of Novell File Reporter (NFR) Engine running on the remote host is vulnerable to a remote buffer overflow attack. Specifically, the application fails to check the size of user-supplied strings before using them in a call to memcpy when parsing tags inside the '<RECORD>' element.

An unauthenticated, remote attacker, accessing the service, could leverage this vulnerability to corrupt the process thread's stack, possibly resulting in arbitrary code execution under the context of a privileged account.


Apply the security patch referenced in Novell's advisory.

See Also

Plugin Details

Severity: High

ID: 55544

File Name: novell_file_reporter_engine_stack_overflow.nbin

Version: $Revision: 1.25 $

Type: remote

Published: 2011/07/08

Modified: 2018/01/29

Dependencies: 55543

Risk Information

Risk Factor: High


Base Score: 9.7

Temporal Score: 8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Required KB Items: Services/NFR-engine

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/06/27

Vulnerability Publication Date: 2011/06/27

Exploitable With

CANVAS (White_Phosphorus)

Core Impact

Reference Information

CVE: CVE-2011-2220

BID: 48470

OSVDB: 73494

Secunia: 45065