Novell Netware SMDR.NLM Denial of Service Vulnerability

When Novell Netware is configured with IPX-Compatibility enabled, it is vulnerable to a denial of service attack by sending packets with random data to port 40193. Similar results are possible by sending fragmented packets. This has been observed on Novell Netware 5.0 service pack 5, other versions may be vulnerable.

This behaviour has also been reported on Novell Netware 6.0 service pack 1.

It should be noted that configuration of Netware with IPX is not supported and it is not advised for production servers.


Privacy Statement
Copyright 2010, SecurityFocus