Update Protection against Novell iManager Class Name Remote Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2010-153 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: 40281 | |
| Industry Reference(s): | CVE-2010-1929 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Novell iManager 2.7 Novell iManager 2.7.3 Novell iManager 2.7.3 FTF2 | ||
| Vulnerability Description A buffer overflow vulnerability has been reported in Novell iManager, a web-based administration console that provides management of many other Novell products.The vulnerability is due to insufficient validation of the class name parameter when handling HTTP requests sent to a CGI module. This may be exploited by remote attackers to execute arbitrary code on the target server by sending a crafted HTTP POST request. |
||
|
Update/Patch Available The vendor has not released an advisory addressing this issue. |
|
|
Vulnerability Details The vulnerability is due to a failure of the application to properly check the length of a variable submitted during the creation of a new class. This can be exploited by sending a specially crafted HTTP request containing overly large class names. |
Protection Overview
The protection will detect and block HTTP Requests to the Novell iManager webacc CGI with overly long classname arguments.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.