Novell IManager < 2.7.4 Multiple Vulnerabilities Network Vulnerability

Summary

Novell iManager is prone to multiple Vulnerabilities. 1. A stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may exploit this issue to execute arbitrary code with SYSTEM- level privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of- service condition. 2. A denial-of-service vulnerability due to an off-by-one error. Attackers may exploit this issue to crash the affected application, denying service to legitimate users. Versions prior to Novell iManager 2.7.4 are vulnerable.

References

http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities
http://www.novell.com/products/consoles/imanager/features.html
https://www.securityfocus.com/bid/40480
https://www.securityfocus.com/bid/40485

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1929, CVE-2010-1930

CVSS	Base Score: 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Cyrus SASL Remote Buffer Overflow Vulnerability
Cscope Multiple Buffer Overflow vulnerability
Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
Adobe Air Buffer Overflow Vulnerability (Mac OS X)
BaoFeng Storm ActiveX Control Buffer Overflow Vulnerability

Novell iManager < 2.7.4 Multiple Vulnerabilities

Take action and discover your vulnerabilities