• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Novell NetBasic Interpreter Module Name Buffer Overflow Vulnerability

The Novell NetBasic interpreter included in Novell NetBasic Scripting Server (NSN) is prone to a remotely exploitable buffer overflow condition. This is due to insufficient bounds checking of requests for modules. It is possible to reproduce this condition by supplying an overly long module name (230+ bytes) in a request to NSN.

This may be exploited to deny service, and possibly execute arbitrary code with the privileges of NSN.