MS06-066: Netware Client Service Buffer Overflow
CVE-2006-4688 (code execution) and CVE-2006-4689 (DoS)
The Netware Client Service for Windwos (NCSW) is used to allow Windows systems to access Netware file server, directories and printers. It runs as 'system' and this exploit would allow an attacker to execute arbitrary code as 'system'.
This service is not installed by default, and you only need it to access Netware servers. So as long as you don't run Netware, check if you got it running on a system by mistake and turn it off.
If you do run Netware (or even if you don't), make sure that you have all netware related ports blocked at your permiter. This is a critical patch for Netware users, but will only affect the client, not the netware server. Windows servers may act as clients to a Netware server.
The Netware Client Service for Windwos (NCSW) is used to allow Windows systems to access Netware file server, directories and printers. It runs as 'system' and this exploit would allow an attacker to execute arbitrary code as 'system'.
This service is not installed by default, and you only need it to access Netware servers. So as long as you don't run Netware, check if you got it running on a system by mistake and turn it off.
If you do run Netware (or even if you don't), make sure that you have all netware related ports blocked at your permiter. This is a critical patch for Netware users, but will only affect the client, not the netware server. Windows servers may act as clients to a Netware server.
Keywords:
0 comment(s)
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
×
Diary Archives
Comments