Signature Detail

Short Name	HTTP:NOVELL:IMANAGER-LONG-TREE
Severity	High
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	novel imanager
Release Date	2006/11/20
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+

HTTP: Novell iManager Tomcat Long TREE Parameter Denial of Service

This signature detects attempts to exploit a known vulnerability in the Novell iManager. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the daemon.

Extended Description

Novell iManager Tomcat server is prone to a denial-of-service issue. An attacker can exploit this issue to crash the affected server, denying service to legitimate users. This issue affects version 2.5 and earlier.

Affected Products

Novell iManager 1.5.0
Novell iManager 2.0.0
Novell iManager 2.0.2
Novell iManager 2.5.0

References

BugTraq: 20841
BugTraq: 40480
CVE: CVE-2010-1929
CVE: CVE-2006-4517
URL: http://secunia.com/advisories/22657
URL: http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities
URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=436

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Novell iManager Tomcat Long TREE Parameter Denial of Service

Extended Description

Affected Products

References