Novell NetWare 6.5 Support Pack 8
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 1
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 2
There may be a potential security vulnerability with NetStorage that may allow remote attackers to execute arbitrary code on vulnerable installations of Novell NetStorage. Authentication is not required to exploit this vulnerability.
NetStorage on both NetWare and OES Linux is affected by this.
On OES2, the fix has been included in the patch channel, so if the OES2 server has been fully patched on OES2 SP2 the system is not vulnerable to this potential threat.
On NetWare, the fix is currently available here.
This defect was reported by researcher 1c239c43f521145fa8385d64a9c32243 through TippingPoint's Zero Day Initiative (ZDI).