Re: Vulnerabilities in Client Service for NetWare

[<daylasoul () hush com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 16 Nov 2006 14:48:25 -0600 El Camino
<elcamino74ss () gmail com> wrote:
> This isn't AVERT's first published vuln.  Most security
> professionals
> do list some certs and sigs.
>
> Don't take it out on him if you got kicked out of school or can't
> pass
> the A+ exam.
>
>
> On 11/16/06, Cyrus Grissom <cyrus_grissom () hushmail com> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > interesting....i didnt know that avert was in the business of
> > publishing vunls...dont recall seeing any others? first time?  i
> > dont remember seeing it in my 'McAfee Avert Labs Threat News'
> email
> > alert?  would have been nice...
> >
> > and what the hell is this, "Dave Marcus, B.A., CCNA, MCSE"?  are
> > you letting everyone know that you have a bachelor's of arts
> > degree? a "Security Research and Communications Manager" who
> > advertises that he has a ba, a ccna and a mcse...you're such a
> > schmuck....how about a high school diploma, do you want to let
> us
> > know about that too?  go play with your blog or something......
> >
> > - -c
> >
> > On Thu, 16 Nov 2006 11:25:38 -0500 David_Marcus () McAfee com
> wrote:
> > > McAfee, Inc.
> > > McAfee(r) Avert(r) Labs Security Advisory
> > > Public Release Date: 2006-11-16
> > >
> > > Vulnerabilities in Client Service for NetWare
> > >
> > > CVE-2006-4688, CVE-2006-4689
> >
> > __________________________________________________________________
> _
> > > _____
> > > _______
> > >
> > > *      Synopsis
> > >
> > > The Client Service for NetWare (CSNW) allows a Windows client
> to
> > > access
> > > NetWare file, print, and directory services.
> > >
> > > Successful exploitation could lead to execution of arbitrary
> code
> > > or
> > > cause the affected system to stop responding.
> >
> > __________________________________________________________________
> _
> > > _____
> > > _______
> > >
> > > *      Vulnerable System or Application
> > >
> > > Microsoft Windows 2000 Service Pack 4
> > > Microsoft Windows XP Service Pack 2
> > > Microsoft Windows Server 2003 and Microsoft Windows Server 2003
> > > Service
> > > Pack 1
> >
> > __________________________________________________________________
> _
> > > _____
> > > _______
> > >
> > > *      Vulnerability Information
> > >
> > > CVE-2006-4688
> > >
> > > A boundary error in Client Service for Netware (CSNW) can be
> > > exploited
> > > to cause a buffer overflow via a specially crafted network
> message
> > > sent
> > > to the system. Successful exploitation allows execution of
> > > arbitrary
> > > code and an attacker could remotely take complete control of
> the
> > > affected system.
> > >
> > > CVE-2006-4689
> > >
> > > A denial of service vulnerability exists in Client Service for
> > > NetWare
> > > (CSNW) that could allow an attacker to send a specially crafted
> > > network
> > > message to an affected system running the Client Service for
> > > NetWare
> > > service. An attacker could cause the system to stop responding
> and
> > > automatically restart thus causing the affected system to stop
> > > accepting
> > > requests.
> >
> > __________________________________________________________________
> _
> > > _____
> > > _______
> > >
> > > *      Resolution
> > >
> > > Microsoft has included fixes for the Client Service for Netware
> > > (CSNW)
> > > issues in the November 2006 Security Bulletin MS06-066 for
> > > affected
> > > Windows platforms.
> >
> > __________________________________________________________________
> _
> > > _____
> > > _______
> > >
> > > *      Credits
> > >
> > > These vulnerabilities were discovered by Sam Arun Raj of McAfee
> > > Avert
> > > Labs.
> >
> > __________________________________________________________________
> _
> > > _____
> > > _______
> > >
> > > *      Legal Notice
> > >
> > > Copyright (C) 2006 McAfee, Inc.
> > > The information contained within this advisory is provided for
> the
> > > convenience of McAfee's customers, and may be redistributed
> > > provided
> > > that no fee is charged for distribution and that the advisory
> is
> > > not
> > > modified in any way. McAfee makes no representations or
> warranties
> > > regarding the accuracy of the information referenced in this
> > > document,
> > > or the suitability of that information for your purposes.
> > >
> > > McAfee, Inc. and McAfee Avert Labs are registered Trademarks of
> > > McAfee,
> > > Inc. and/or its affiliated companies in the United States
> and/or
> > > other
> > > Countries.  All other registered and unregistered trademarks in
> > > this
> > > document are the sole property of their respective owners.
> > >
> > >
> > > Best regards,
> > >
> > > Dave Marcus, B.A., CCNA, MCSE
> > > Security Research and Communications Manager
> > > McAfee(r) Avert(r) Labs
> > > (443) 321-3771 Office
> > > (443) 668-0048 Mobile
> > > McAfee Threat Center
> > > <http://www.mcafee.com/us/threat_center/default.asp>
> > > McAfee Avert Labs Research Blog
> > > <http://www.avertlabs.com/research/blog>
> > >
> > >
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > Hosted and sponsored by Secunia - http://secunia.com/
> > -----BEGIN PGP SIGNATURE-----
> > Note: This signature can be verified at
> https://www.hushtools.com/verify
> > Version: Hush 2.5
> wkYEARECAAYFAkVcqU8ACgkQUZmP8t5Ad2MnKgCgqc4gMUcV2fNoWaz7uUEgdX5CfKA
> A
> > n01HkOEaV3XV7SvYimqdujz1FeIX
> > =ccXv
> > -----END PGP SIGNATURE-----
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Please take disagreements, flames, and arguments off the list if
possible.
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5

wpwEAQECAAYFAkVdXJsACgkQ3AEcWsxdEQ6bDgQAlXCr782U0wo75AODu9WmQNSlugf4
ocp+ZwhcNZ3CRz3gihDcIR++JqqUQMvpwE+Cl6nU/1j6hRnS4ELQrVRn1nNgg/tcH473
jlI3tDeicLyoNuhHRql9JAiQA2kKHjdO5Go7m0m1rrKkmRCGPiLBlDkigX8RC4Kg1l+x
1FjOrPs=
=33G8
-----END PGP SIGNATURE-----




Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/