SMB: Invalid Netware Workstation Service Call
This signature detects attempts to exploit a known vulnerability in the Client for NetWare Services on Microsoft Windows. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user (typically Administrator).
Extended Description
Microsoft Client Service for Netware is prone to a remote code-execution vulnerability. A remote attacker can exploit this vulnerability to execute arbitrary code in the context of the user running the affected service. Note that the Client Service for Netware is not installed by default on any affected operating system.
Affected Products
Avaya s8100_media_servers,Microsoft windows_xp_tablet_pc_edition
Short Name
SMB:OF:NWCW-INV-CALL
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
CVE-2006-4688 Call Invalid Netware Service Workstation bid:20984 bid:21023
Release Date
11/14/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3709
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
Avaya
CVSS Score
7.5