Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Vulnerability in Novell Netware

Vulnerability in Novell Netware

by phiber on March 10th, 2001 Novell Netware allows a user to log into a Novell Network by using a Printer Server as the username. By default, Novell Print Servers have blank passwords. In addition, Novell Print Servers do not have intruder detection capability as a user account would, so they are vulnerable to a brute force attack without risk of account lockout. When a Print Server is logged into as a User, the account will have the same rights as are assigned to the container that it resides in.




Advisory ID: n/a

Bugtraq ID: 2446

CVE CAN: None currently assigned.

Title: Novell Netware Print Server Vulnerability

Class: Configuration Error

Remotely Exploitable: Yes

Locally Exploitable: Yes

Vulnerable Packages/Systems: Novell Netware 3.1-5.1

Solution/Vendor Information/Workaround: Vendor has not responded yet.

Vendor notified on: 11/02/00

Credits: Discovered by Chris Hughes


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »