CVE-2009-5153

EUVD-2009-5107
In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, because a length field was incorrectly trusted.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
microfocusnetware
𝑥
≤ 6.5
microfocusnetware
6.5:sp1
microfocusnetware
6.5:sp2
microfocusnetware
6.5:sp3
microfocusnetware
6.5:sp4
microfocusnetware
6.5:sp5
microfocusnetware
6.5:sp6
microfocusnetware
6.5:sp7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://bugzilla.suse.com/show_bug.cgi?id=515804
https://download.novell.com/Download?buildid=1z3z-OsVCiE~
https://www.zerodayinitiative.com/advisories/ZDI-09-067/
https://bugzilla.suse.com/show_bug.cgi?id=515804
https://download.novell.com/Download?buildid=1z3z-OsVCiE~
https://www.zerodayinitiative.com/advisories/ZDI-09-067/