Vulnerability in Novell Imanager
CVE-2010-1930
Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc.
EPSS: 0.230 (96.0th percentile) — read the EPSS interpretation.
Affected products
- Novell Imanager — versions 2.7.0, 2.7.3
- N/a — versions n/a
Weakness classification (CWE)
References
- 40485 (vdb-entry, x_refsource_BID)
- ADV-2010-1575 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- 1024152 (Exploit, vdb-entry, x_refsource_SECTRACK)
- 65738 (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (Exploit, x_refsource_MISC)
- imanager-tree-dos(59695) (vdb-entry, x_refsource_XF)
- 14010 (Exploit, exploit, x_refsource_EXPLOIT-DB)
- 40281 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- 20100623 CORE-2010-0316 - Novell iManager Multiple Vulnerabilities (mailing-list, x_refsource_BUGTRAQ)