Novell

This is Your Open EnterpriseTM

Novell Client post-4.91 SP4 Login Files 6

This document (5037520) is provided subject to the disclaimer at the end of this document.

patches this patch supersedes

FileProductStatusPatch
491psp4_login_5.zipNovell Client 4.91 SP4 for Windows XP/2003ObsoleteNovell Client post-4.91 SP4 Login Files 5

patches that supersede this patch

ProductStatusNext Superceded ByLast Superceded By
Novell Client 4.91 SP4 for Windows XP/2003ObsoleteNovell Client post-4.91 SP4 Login Files 7Novell Client post-4.91 SP4 Login Files 7

patch attributes

Architecture: x86
Security patch: Yes
Priority: Optional
Distribution Type: Field Test File
http://download.novell.com/Download?buildid=6G4JLuM9eJw~

document

Revision: 2
Document ID: 5037520
Creation Date: 2008-11-03 16:12:54
Modified Date: 2008-11-04 09:48:16

technical support

This Field Test File is supported by Novell Technical Services.

abstract

491psp4_login_6.zip is a patch file for the Novell Client v4.91 SP4 for Windows 2000/XP/2003. It includes fixes for problems relating to login and 802.1x support found after the 4.91 SP4 client update was released.

details

System Requirements:
This patch is designed to update the Novell Client v4.91 SP4 for Windows 2000/XP/2003. Be sure to install only on this version of the client.

Installation:
1. (Optional) Rename the existing lgnwnt32.dll, loginw32.dll, loginw32.exe, noveap.dll, novnpnt.dll, nwgina.dll and nwlscrpt.exe (with a .old extension, for example) in the \System32 folder. Do not reboot before proceeding!
2. Install the files by doing ONE of the following:
a) Run 491psp4_login_6.bat file.
b) Right-Click on 491psp4_login_6.inf and click on INSTALL.
c) Manually copy and replace the existing files in the directory listed in Step 1, above.
3. You will be prompted to reboot. This reboot is required to complete the installation.

The files in this package can also be overlaid on top of a Novell Client 4.91 SP4 installation set so that when SETUPNW.EXE is run to install the Novell client you will be installing the core 4.91 SP4 client and the updates contained in this package in one operation. To update the installation set with the file in this patch set, copy the directory structure over the top of the i386 folder in your "Novell Client 4.91 SP4" installation.

Technical Support Information:
New fix in this release:
1. Novell Enhanced Smart Card Method (NESCM): Issue with smartcard removal behavior. (Bug 431161)

Previous fixes:
1. Need option for eDirectory-enabled Novell Login dialog in Remote Desktop scenarios. See TID 7000076. (Bug 364457, Bug 307939)
2. Login on terminal server with UPN-based Windows account name fails. (Bug 361623)
3. Authentication fails when authenticating via SecureLogin v6.1 (Bug 304574)
4. Increase granularity of NWGINA debug logging around Windows profile operations. (Bug 355086)
5. NMAS-specific error message randomly displayed as generic error value. (Bug 359406)
6. Forgotten Password help text recommends system tray when system tray is disabled. (Bug 375618)
7. GDI object leak in Novell Client login dialog. (Bug 334562)
8. GDI object leak on the WINLOGON.EXE process after Remote Desktop logoff. (Bug 341421)
9. Login does not account for DontDisplayLockedUserId reg key. (Bug 331877)
10. LDAP Contextless Login: No LDAP server specified. (Bug 271161)
11. Novell client for Windows is wrong when login failed. (Bug 276863)
12. When a Workstation is locked, contents of the clipboard can be pasted into the username field. See TID 2797. (Bug 306087)
13. Novell SecureLogin installation is not replacing the WIndows GINA when installed in LDAP GINA Mode. (Bug 288836)
14. C:\Documents and Settings\Novell Zenworks\DLU.tmp\ folders won't delete. (Bug 146308)
15. LocalLoginOnly not properly set when AutoAdminLogon is enabled. (Bug 289774)
16. Installing NSL 6.1 breaks ZENworks Desktop Management Dynamic Local User (DLU) login. (Bug 308031)
17. ZENworks Configuration Management (ZCM) login window appears with Workstation Only login. (Bug 301270)
18. User hive (NTUSER.DAT) always taken from server profile. (Bug 201459)
19. PreserveDLUBinaryData registry entry does not work if "Use eDirectory Credentials" is not enabled. (Bug 275654)
20. Application running as a service fails to login. (Bug 270056)
21. 802.1x - system instability after a period of inactivity. (Bug 362371)
22. 8801 errors when logging in using 802.1x. (Bug 347351)
23. Update for Novell SecureLogin handling of Workstation Only login. (Bug 375885)
24. Stack overflow on Novell login dialog. (Bug 388895)
25. Option to arbitrarily suppress 802.1x authentication failure messages. (Bug 382374)
26. Better error messages when attempting Forgotten Password challenge. (Bugs 347706, 353584, 268288, and 179697)
27. 0x8801 errors during login script processing due to 802.1x re-authentication. (Bug 347351)
28. Third party logon script won't execute. (Bug 403918)

security fixes

CVE-2006-2612 found by Eitan Caspi. "Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt."

CVE-2008-2145 found by Laurent Gaffie. "Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog."

file contents

Compressed File Name: 491psp4_login_6.zip

Files IncludedSizeDate
readme_5037520.htmlN/A2008-11-04 09:48:17

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.

© 2007 Novell, Inc. All Rights Reserved.