We've tested this exploit with NW 5.1 SP2a using a queue based Print Server object. We could login as the object with no password, but the object only had public rights (ie, browse, compare and read). No volume scan, read or write rights. Though it must have read rights to the print spool location. By default the Print Server should not security equivelance to the container. But this may have been manually assigned in the environment where the vulnerability was discovered. Ben Ponting
- Re: Vulnerability in Novell Netware - Yeah, it's a u... Kain
- Re: Vulnerability in Novell Netware - Yeah, it'... Adrian Bolzan
- Re: Vulnerability in Novell Netware Derek Wilson
- Re: Vulnerability in Novell Netware Brad Bendily
- Re: Vulnerability in Novell Netware David Howe
- Re: Vulnerability in Novell Netware hhoogend
- Re: Vulnerability in Novell Netware Thomas M. Payerle
- Re: Vulnerability in Novell Netware Jon Miner
- Re: Vulnerability in Novell Netware Jacek Lipkowski
- Re: Vulnerability in Novell Netware Mike Glassman - Admin
- Re: Vulnerability in Novell Netware Ben Ponting
- Re: Vulnerability in Novell Netware Scott Smith
- Re: Vulnerability in Novell Netware Matthew Firth
- Re: Vulnerability in Novell Netware Simple Nomad
- Re: FW: Vulnerability in Novell Netware Jeffrey Seaton
- Re: FW: Vulnerability in Novell Netware Jacek Lipkowski
- Re: FW: Vulnerability in Novell Netware Krzysztof Halasa
