Novell NetWare NDS Domain Admin Null Password Vulnerability


Novell NetWare is reportedly prone to an issue which may, under some circumstances, allow an unprivileged NDS user to access NT domain machines using a null password.

The attacker must possess a valid NDS account. The attacker must target an NDS_ADM account that is in the NDS tree and is checked as having "Domain Admin" rights over the NT domain, but that does not exist in the NT domain. If these conditions are satisfied, then it is allegedly possible for the unprivileged NDS user to gain unauthorized access to machines in the NT domain with the privileges of a Domain Admin.