Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.100692 |
Category: | Buffer overflow |
Title: | Novell iManager < 2.7.4 Multiple Vulnerabilities |
Summary: | Novell iManager is prone to multiple Vulnerabilities. |
Description: | Summary: Novell iManager is prone to multiple Vulnerabilities. Vulnerability Insight: The following flaws and impact exists: - A stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. - A denial-of-service vulnerability due to an off-by-one error. Attackers may exploit this issue to crash the affected application, denying service to legitimate users. Affected Software/OS: Versions prior to Novell iManager 2.7.4 are vulnerable. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C |
Cross-Ref: |
BugTraq ID: 40480 BugTraq ID: 40485 Common Vulnerability Exposure (CVE) ID: CVE-2010-1929 http://www.securityfocus.com/bid/40480 Bugtraq: 20100623 CORE-2010-0316 - Novell iManager Multiple Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/511983/100/0/threaded http://www.exploit-db.com/exploits/14010 http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities http://www.osvdb.org/65737 http://securitytracker.com/id?1024152 http://secunia.com/advisories/40281 http://www.vupen.com/english/advisories/2010/1575 XForce ISS Database: imanager-class-bo(59694) https://exchange.xforce.ibmcloud.com/vulnerabilities/59694 Common Vulnerability Exposure (CVE) ID: CVE-2010-1930 http://www.securityfocus.com/bid/40485 http://www.osvdb.org/65738 XForce ISS Database: imanager-tree-dos(59695) https://exchange.xforce.ibmcloud.com/vulnerabilities/59695 |
Copyright | Copyright (C) 2010 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |