Novell is now a part of Micro Focus

My Favorites


Please to see your favorites.

Potential Security Vulnerability with NetStorage

This document (7005282) is provided subject to the disclaimer at the end of this document.


Novell NetStorage
Novell NetWare 6.5 Support Pack 8
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 1
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 2


There may be a potential security vulnerability with NetStorage that may allow remote attackers to execute arbitrary code on vulnerable installations of Novell NetStorage. Authentication is not required to exploit this vulnerability.
NetStorage on both NetWare and OES Linux is affected by this.


On OES2, the fix has been included in the patch channel, so if the OES2 server has been fully patched on OES2 SP2 the system is not vulnerable to this potential threat.
On NetWare, the fix is currently available here.

Additional Information

This defect was reported by researcher 1c239c43f521145fa8385d64a9c32243 through TippingPoint's Zero Day Initiative (ZDI).


This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7005282
  • Creation Date:03-FEB-10
  • Modified Date:27-APR-12
    • NovellNetStorage
      Open Enterprise Server

Did this document solve your problem? Provide Feedback