Environment
Novell NetWare 6.5
Novell NetWare 6.5 Support Pack 8
Situation
A pre-authentication vulnerability has been found against CIFS.NLM and tested against the latest SP 8 release. Long usernames can cause a stack overflow, resulting in a server abend.
Resolution
Apply the NSS Update for NetWare 6.5 Support Pack 8 called N65NSS8C.zip
Additional Information
This vulnerability was reported to Novell by:
* Laurent Gaffié of Stratsec