OpenCVE

NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows 2000 Windows 2003 Server Windows Server 2003 Windows Xp
Novell	Client

Configuration 1 [-]

AND

OR	cpe:2.3:o:microsoft:windows_2000:::adv_srv:::::*
	cpe:2.3:o:microsoft:windows_2000:::datacenter_srv:::::*
	cpe:2.3:o:microsoft:windows_2000:::pro:::::*
	cpe:2.3:o:microsoft:windows_2000:::srv:::::*
	cpe:2.3:o:microsoft:windows_2000:::srv:ja::::
	cpe:2.3:o:microsoft:windows_2000:-:::::::*
	cpe:2.3:o:microsoft:windows_2003_server:::itanium:::::*
	cpe:2.3:o:microsoft:windows_2003_server:::std:::::*
	cpe:2.3:o:microsoft:windows_2003_server:::wed:::::*
	cpe:2.3:o:microsoft:windows_2003_server:::x64:::::*
	cpe:2.3:o:microsoft:windows_2003_server:::x64-std:::::*
	cpe:2.3:o:microsoft:windows_2003_server:::xp-64bit:::::*
	cpe:2.3:o:microsoft:windows_2003_server:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2003::::::::
	cpe:2.3:o:microsoft:windows_xp:::64bit:::::*
	cpe:2.3:o:microsoft:windows_xp:::embedded:::::*
	cpe:2.3:o:microsoft:windows_xp:::ibm_oem:::::*
	cpe:2.3:o:microsoft:windows_xp:::media_center:::::*
	cpe:2.3:o:microsoft:windows_xp:::pro:::::*
	cpe:2.3:o:microsoft:windows_xp:::tablet_pc:::::*
	cpe:2.3:o:microsoft:windows_xp:::x64:::::*
	cpe:2.3:o:microsoft:windows_xp:-:::::::*

OR	cpe:2.3:a:novell:client:4.91:sp1::::::
	cpe:2.3:a:novell:client:4.91:sp2::::::
	cpe:2.3:a:novell:client:4.91:sp3::::::
	cpe:2.3:a:novell:client:4.91:sp4::::::

No data.

References

Link	Providers
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=626
http://osvdb.org/40867
http://secunia.com/advisories/27678
http://www.securityfocus.com/bid/26420
http://www.securitytracker.com/id?1018943
http://www.vupen.com/english/advisories/2007/3846
https://exchange.xforce.ibmcloud.com/vulnerabilities/38434
https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-11-14T01:00:00

Updated: 2024-08-07T15:39:13.709Z

Reserved: 2007-10-23T00:00:00

Link: CVE-2007-5667

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-11-14T01:46:00.000

Modified: 2024-11-21T00:38:25.757

Link: CVE-2007-5667

Redhat

No data.

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object