Vigil@nce: Novell Netware, denial of service via ICEbrowser
January 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can invite the victim to browse a malicious HTML page
in order to force a reboot of the system.
Gravity: 1/4
Consequences: denial of service of client
Provenance: document
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: unique source (2/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 15/01/2009
IMPACTED PRODUCTS
– Novell Netware
DESCRIPTION OF THE VULNERABILITY
The ICEbrowser Java browser can be installed with NetWare.
The decodeURI JavaScript function decodes a URL. For example,
decodeURI("http://site/?v=%43%44") returns "http://site/?v=CD".
However, if the URL is too long, a NULL pointer is dereferenced in
SERVER.NLM, which stops the system.
An attacker can therefore invite the victim to browse a malicious
HTML page in order to force a reboot of the system.
CHARACTERISTICS
Identifiers: VIGILANCE-VUL-8397
http://vigilance.fr/vulnerability/Novell-Netware-denial-of-service-via-ICEbrowser-8397