Novell.Client.NetIdentity.Agent.Remote

Name	Novell.Client.NetIdentity.Agent.Remote.Code.Execution
Release Date	Aug 06, 2009
Severity	Critical
Impact	System Compromise: Remote attackers can gain control of vulnerable systems.
Description	This indicates an attack attempt against a buffer overflow vulnerability in Novell Client. The vulnerability is caused by an error when the vulnerable software handles a malicious RPC request that may allow remote attackers to execute arbitrary code.
Affected Products	Novell NetIdentity Client before 1.2.4
Recommended Actions	Apply the latest update from the vendor: http://download.novell.com/Download?buildid=6ERQGPjRZ8o~
Common Vulnerabilities and Exposures (CVE)	http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-1350
Reference/s	http://www.securityfocus.com/bid/34400 (BugTraq) http://www.vupen.com/english/advisories/2009/0954 (FrSIRT) http://www.zerodayinitiative.com/advisories/ZDI-09-016/

Reference: VID-17371