CVE-2008-3158 – Novell Client 4.91 SP4 - 'nwfs.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2008-3158
Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory. Vulnerabilidad no especificada en NWFS.SYS de Novell Client para Windows 4.91 SP4 tiene un impacto y vectores de ataque desconocidos, posiblemente relacionado con peticiones IOCTL que sobrescriben memoria de su elección. • https://www.exploit-db.com/exploits/26418 http://secunia.com/advisories/30904 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028543.html http://www.securityfocus.com/bid/30001 http://www.securitytracker.com/id?1020385 http://www.vupen.com/english/advisories/2008/1968/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43460 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-0663
https://notcve.org/view.php?id=CVE-2008-0663
Novell Challenge Response Client (LCM) 2.7.5 and earlier, as used with Novell Client for Windows 4.91 SP4, allows users with physical access to a locked system to obtain contents of the clipboard by pasting the contents into the Challenge Question field. Novell Challenge Response Client (LCM) 2.7.5 y versiones anteriores, como el usado en Novell Client 4.91 SP4 para Windows, permite a usuarios con acceso físico a un sistema bloqueado obtener contenidos del porta-papeles pegando los contenidos en el campo Challenge Question. • http://secunia.com/advisories/28792 http://www.securityfocus.com/bid/27631 http://www.securitytracker.com/id?1019304 http://www.vupen.com/english/advisories/2008/0423/references https://secure-support.novell.com/KanisaPlatform/Publishing/686/3726376_f.SAL_Public.html •