Environment
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 2
491psp2_pkc.exe
491psp2_pkc.exe
Situation
DOS in srvloc.sys causing following condition:
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at
an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000006, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: 804204bd, address which referenced memory
This is caused by sending a specifically crafted packet to port 427.
Resolution
This is resolved in the Novell Client 4.91 sp3.
Status
Reported to EngineeringSecurity Alert
Additional Information
This vulnerability was found by Tyler Krpata.