I saw some of the patches for this a few days ago, but the full details of the fault have been posted by Hustle Labs. There is a integer overflow that is exploitable. What's more, the overflow is predictable enough that exploit code can be written to make it more than just a denial-of-service. Not a real issue for NetWare servers (I haven't seen a root-kit for NetWare yet), but it will be an issue for Novell Client for Windows users.
Tags: novell, ndps
Tags: novell, ndps