Summary
The host is running Novell iManager and is prone to buffer overflow vulnerability.
Impact
Successful exploitation may allow remote attackers to execute arbitrary code within the context of the application or cause a denial of service condition.
Impact Level: System/Application
Solution
Apply the patch.
For updates refer to http://www.novell.com/support/viewContent.do?externalId=7002971
*****
NOTE : Ignore this warning, if above patch has been applied.
*****
Insight
The flaw is due to an error in the Create Attribute function in jclient, when handling the 'EnteredAttrName' parameter and can be exploited to cause a buffer overflow.
Affected
Novell iManager version prior to 2.7.4 before patch 4
References
- http://secunia.com/advisories/48672/
- http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities
- http://www.novell.com/support/kb/doc.php?id=7002971
- http://www.securityfocus.com/bid/40480
- http://www.securityfocus.com/bid/40485
- http://xforce.iss.net/xforce/xfdb/74669
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-4188 -
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:N/A:P
Related Vulnerabilities
- VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Linux)
- ImageMagick Integer Overflow Vulnerability - 03 June (Windows)
- UnrealIRCd User Authentication Buffer Overflow Vulnerability
- IrfanView JPEG-2000 Plugin Remote Stack Based Buffer Overflow Vulnerability
- Dnsmasq TFTP Service multiple vulnerabilities