srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary.
https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html
http://www.vupen.com/english/advisories/2006/4840