Novell Remote Manager Off-by-one Error in 'httpstkd' Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1027343 |
|
SecurityTracker URL: http://securitytracker.com/id/1027343
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Aug 3 2012
|
Impact:
Denial of service via network
|
|
Version(s): 2.0.2 Release 99.10; possibly other versions
|
Description:
A vulnerability was reported in Novell Remote Manager. A remote user can cause denial of service conditions.
A remote user can send specially crafted Host header data to trigger an off-by-one error and cause the target 'httpstkd' service to crash.
The vulnerability resides in the ProcessAuthorizationFailure() function.
The original advisory is available at:
http://secunia.com/advisories/49792/
Georgi Geshev reported this vulnerability via Secunia.
|
Impact:
A remote user can cause the target 'httpstkd' service to crash.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.novell.com/ (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
Linux (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 03 Aug 2012 05:23:53 +0000
Subject: Novell Remote Manager
|
http://secunia.com/advisories/49792/
|
|
