Vulnerability Details : CVE-2010-0317
Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. NOTE: some of these details are obtained from third party information.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2010-0317
- cpe:2.3:o:novell:netware:6.5:sp8:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2010-0317
12.60%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2010-0317
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2010-0317
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0317
-
http://www.securityfocus.com/archive/1/508731/100/0/threaded
SecurityFocus
-
http://protekresearch.blogspot.com/2010/01/prl-cifsnlm-memory-consumption-denial.html
Omleiding
-
http://www.vupen.com/english/advisories/2010/0041
Webmail | OVH- OVHVendor Advisory
-
http://www.securitytracker.com/id?1023400
NetWare CIFS and AFP Protocol Processing Flaws Let Remote Users Deny Service - SecurityTracker
-
http://www.exploit-db.com/exploits/11009
Novell Netware - CIFS and AFP Remote Memory Consumption Denial of Service - Multiple dos ExploitExploit
-
http://www.securityfocus.com/bid/37616
Novell NetWare CIFS and AFP Handling Remote Denial of Service VulnerabilitiesExploit
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/55389
Novell Netware AFPTCP.nlm denial of service CVE-2010-0317 Vulnerability Report
Jump to