Dell OpenManage Web Server <= 3.7.1 Network Vulnerability

Summary

The remote host is running the Dell OpenManage Web Server. Dell OpenManage Web Servers 3.2.0-3.7.1 are vulnerable to a heap based buffer overflow attack. A proof of concept denial of service attack has been released. *** Note : The Dell patch does not increase the version number of this service *** so this may be a false positive Patch is available at http://support.dell.com/filelib/download.asp?FileID=96563&c=us&l=en&s=DHS&Category=36&OS=WNT5&OSL=EN&SvcTag=&SysID=PWE_FOS_XEO_6650&DeviceID=2954&Type=&ReleaseID=R74029

Solution

Install the security patch available from Dell

References

http://sh0dan.org/files/domadv.txt

Updated on 2015-03-25

Severity

Classification

CVE CVE-2004-0331

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Linux)
Cogent DataHub Integer Overflow Vulnerability
Denial Of Service Vulnerability in OpenSSL June-09 (Linux)
DoSable squid proxy server
Comodo Internet Security Denial of Service Vulnerability-01

Take action and discover your vulnerabilities