Published: 28/06/2010 Updated: 10/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote malicious users to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc.

Vulnerable Product	Search on Vulmon	Subscribe to Product
novell imanager 2.7.0
novell imanager 2.7.3

Core Security Technologies Advisory - Novell iManager is prone to a stack-based buffer overflow vulnerability that can be exploited by authenticated users to execute arbitrary code, and to an off-by-one error that can be abused by remote, unauthenticated attackers to cause a Denial of Service to the application ...

CWE-189 http://www.exploit-db.com/exploits/14010 http://www.vupen.com/english/advisories/2010/1575 http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities http://secunia.com/advisories/40281 http://www.osvdb.org/65738 http://www.securityfocus.com/bid/40485 http://securitytracker.com/id?1024152 https://exchange.xforce.ibmcloud.com/vulnerabilities/59695 http://www.securityfocus.com/archive/1/511983/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/14010/

CVE-2010-1930

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect