header-logo
Suggest Exploit
vendor:
Netware
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Netware
Affected Version From: Novell Netware 5.0 service pack 5
Affected Version To: Novell Netware 6.0 service pack 1
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Novell Netware Denial of Service Vulnerability

When Novell Netware is configured with IPX-Compatibility enabled, it is vulnerable to a denial of service attack by sending packets with random data to port 40193. Similar results are possible by sending fragmented packets. This has been observed on Novell Netware 5.0 service pack 5, other versions may be vulnerable. This behaviour has also been reported on Novell Netware 6.0 service pack 1.

Mitigation:

It is not advised to configure Netware with IPX for production servers.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1467/info

When Novell Netware is configured with IPX-Compatibility enabled, it is vulnerable to a denial of service attack by sending packets with random data to port 40193. Similar results are possible by sending fragmented packets. This has been observed on Novell Netware 5.0 service pack 5, other versions may be vulnerable. 

This behaviour has also been reported on Novell Netware 6.0 service pack 1. 

It should be noted that configuration of Netware with IPX is not supported and it is not advised for production servers.

Using the tool 'netcat':

# cat /dev/urandom | nc XXX.XXX.XXX.XXX 40193

Navigation

Suggest Exploit

Services By CQR