Message-ID: <3A118E7F.462BAC34@timpanogas.org>
Date: Tue, 14 Nov 2000 12:11:59 -0700
From: "Jeff V. Merkey" <jmerkey@timpanogas.org>
Organization: TRG, Inc.
MIME-Version: 1.0
To: linux-kernel@vger.kernel.org
Subject: NetWare Changing IP Port 524
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org


Petr/Linux,

If you are relying on port 524 to get SAP information for NCPFS over
TCPIP, you may want to track this since it appears Novell will be
patching this port to close a security flaw.  I 
added the tracking URL so you can review what changes they are
proposing.  I think what they
are proposing as an immediate patch may break NCPFS -- you will need to
check.

:-)

Jeff 

Novell NetWare discloses system information

Novell's NetWare operating system contains a flaw that allows 
system information to be leaked via TCP port 524 in pure IP 
configurations. When NetWare is used in a mix Microsoft 
environment, the Novell operating system leaks data via Service 
Advertising Protocol (SAP). Other third-party applications 
compound the problem as well. A hacker can use the data to gain 
knowledge on the inner workings of the affected system. It is 
recommended that port 524 be blocked to prevent any leaks. For 
more information on SAP:
http://support.novell.com/cgi-bin/search/search.pl?database_name=kb&type=HTM
L&docid=%03%21F221133%3a973867389%3a%20%28%2010050864%20%29%20%20%07%01%00&b
yte_count=71624


**********
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/