Vigil@nce: Novell Netware, denial of service via AFP et CIFS
January 2010 by Vigil@nce
An attacker can generate a memory leak in AFP/CIFS implementations
of Novell Netware, in order to generate a denial of service.
– Severity: 2/4
– Consequences: denial of service of service
– Provenance: intranet client
– Means of attack: 1 attack
– Ability of attacker: technician (2/4)
– Confidence: unique source (2/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 06/01/2010
IMPACTED PRODUCTS
– Novell Netware
DESCRIPTION OF THE VULNERABILITY
The CIFS.NLM and AFPTCP.NLM modules implement following protocols :
– CIFS/SMB - port 139/tcp and 445/tcp : Microsoft Windows file
sharing
– AFP (Apple Filing Protocol) - port 548/tcp : Apple file sharing
(Appleshare)
When these modules handle malformed packets, they are ignored.
However, all allocated memory areas are not freed.
An attacker can therefore generate a memory leak in AFP/CIFS
implementations of Novell Netware, in order to generate a denial
of service.
CHARACTERISTICS
– Identifiers: BID-37616, PRL-2009-27, VIGILANCE-VUL-9323
– Url: http://vigilance.fr/vulnerability/Novell-Netware-denial-of-service-via-AFP-et-CIFS-9323