A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell software which utilize the Novell Client Trust. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Novell Client Trust application, clntrust.exe, which listens by default on UDP port 3024 on Novell client machines. During a validation request, the Client Trust process copies a user-supplied Novell tree name until a wide-character backslash or a NULL is encountered. If neither is found within the data, the process will copy excess data which later overflows a static buffer during a call to wsprintfA. BorderManager version 3.8 is affected.
9350aec3d8769fc8d19d02e0ee5ad4f8e02c94b3ad788ab080bda817d61b9568
iDefense Security Advisory 10.23.07 - Remote exploitation of a buffer overflow vulnerability in IBM Corp.'s Lotus Notes mail user agent could allow attackers to execute arbitrary code in the context of the current user. iDefense confirmed the existence of this vulnerability in version 7.0.2 of IBM Corp.'s Lotus Notes. Additionally, versions 6.5.1, 6.5.3 and 7.0.1 were reported to be vulnerable. Other versions are suspected to be vulnerable.
767bfa82660c5dc3967cefdd0c2303cc5f98f866a5e4da72f0ffc96d87cc593a