Novell IManager Importing/Exporting Schema Stack Buffer Overflow Vulnerability Network Vulnerability

Summary

Novell iManager is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Novell iManager 2.7.2 and prior are vulnerable.

Solution

The vendor has released an advisory and fixes. Please see the references for details.

References

http://www.novell.com/products/consoles/imanager/features.html
http://www.novell.com/support/viewContent.do?externalId=7004985&sliceId=1
http://www.securityfocus.com/bid/37672
http://www.zerodayinitiative.com/advisories/ZDI-10-001/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4486

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Admbook PHP Code Injection Flaw
Agora CGI Cross Site Scripting
Admin News Tools Multiple Vulnerabilities
Atutor AChecker Multiple SQL Injection and XSS Vulnerabilities
ATutor password reminder SQL injection

Novell iManager Importing/Exporting Schema Stack Buffer Overflow Vulnerability

Take action and discover your vulnerabilities